GitHub's latest Enterprise Server update addresses a critical vulnerability (CVE-2024-9487) that enables authentication bypass, affecting on-premise deployments that use SAML.
Chris Hatter describes the vulnerability as 'severe,' urging organizations to understand their network architectures and put measures in place to block unauthorized access routes.
Hatter notes that although a typical attack would require prior access to internal networks, organizations should still ensure they have effective telemetry to monitor access by unauthorized users.
The SAML-based vulnerability allows attackers to forge authentication requests, potentially exposing valuable information held on GitHub Enterprise Servers, such as source code and architecture details.