Security News > 2024 > August > Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)
2024-08-22 12:19
A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the instance’s contents. The issue, reported via the GitHub Bug Bounty program, has been addressed and administrators are advised to update quickly. About CVE-2024-6800 GitHub Enterprise Server is a software development platform that organizations often self-host on-premises, usually to comply with specific regulations that require more control/security over their code repositories. It comes … More → The post Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/08/22/cve-2024-6800/
Related news
- GitHub Enterprise Server vulnerable to critical auth bypass flaw (source)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110) (source)
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327) (source)
- You probably want to patch this critical GitHub Enterprise Server bug now (source)
- GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges (source)
- Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments (source)
- Critical Exim bug bypasses security filters on 1.5 million mail servers (source)
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929) (source)
- Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419) (source)
- Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991) (source)