An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13 This vulnerability was reported via the GitHub Bug Bounty program.
Metrics
Affected Vendors & Products
References
History
Tue, 22 Oct 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:github:enterprise_server:-:*:*:*:*:*:*:* | |
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: GitHub_P
Published: 2024-01-16T18:51:28.374Z
Updated: 2024-10-22T15:50:55.430Z
Reserved: 2024-01-12T15:20:54.402Z
Link: CVE-2024-0507
Vulnrichment
Updated: 2024-08-01T18:11:34.952Z
NVD
Status : Modified
Published: 2024-01-16T19:15:08.870
Modified: 2024-11-21T08:46:45.020
Link: CVE-2024-0507
Redhat
No data.