You are currently viewing CVE-2024-9487: GitHub Patches Major Security Flaw in Enterprise Server. Patch Now!

CVE-2024-9487: GitHub Patches Major Security Flaw in Enterprise Server. Patch Now!

  • Post author:
  • Reading time:4 mins read

A new critical vulnerability has been found in the GitHub Enterprise Server! CVE-2024-9487, with a staggering CVSS score of 9.5, is a cryptographic signature verification flaw that allows an attacker to gain unauthorized access to vulnerable instances.78io.-[

The encrypted assertions feature, which is not enabled by default, can bypass SAML SSO with a crafted SAML response. This issue emerged as a result of follow-up remediation efforts for CVE-2024-4985. Exploiting this vulnerability requires an attacker to have direct network access and a signed SAML response or metadata document. This flaw does not affect instances not using SAML SSO or encrypted assertions.

A patch management software can instantly bring down your risks by 3x by foreseeing upcoming vulns and remediating them.


Impact

According to Hawkeye, at least 76,000 vulnerable instances existed as of 17 October 2024. Exploitation can compromise sensitive information, expose private source code, and significantly disrupt development processes.

Affected Products

The affected versions include:

  • GitHub Enterprise Server versions from 3.11.0 to 3.11.15
  • GitHub Enterprise Server versions from 3.12.0 to 3.12.9
  • GitHub Enterprise Server versions from 3.13.0 to 3.13.4
  • GitHub Enterprise Server versions from 3.14.0 to 3.14.1


Solutions

GitHub has released patches for this flaw in versions 3.11.16, 3.12.10, 3.13.5, and 3.14.2. Users are urged to upgrade their instances to these versions or any newer ones.


Instantly Fix Risks with SanerNow Patch Management

SanerNow patch management is a continuous, automated, and integrated software that instantly fixes risks exploited in the wild. The software supports major operating systems like Windows, Linux, and macOS, as well as 550+ third-party applications.

It also allows you to set up a safe testing area to test patches before deploying them in a primary production environment. SanerNow patch management additionally supports a patch rollback feature in case of patch failure or a system malfunction.

Experience the fastest and most accurate patching software here.