CVE-2022-23738: Incomplete cache verification issue in GitHub Enterprise Server leading to exposure of private repo files
First published: Tue Nov 01 2022(Updated: )
An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository. To exploit this, an actor would need to already be authorized on the GitHub Enterprise Server instance, be able to create a public repository, and have a site administrator visit a specially crafted URL. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.6 and was fixed in versions 3.2.20, 3.3.15, 3.4.10, 3.5.7, 3.6.3. This vulnerability was reported via the GitHub Bug Bounty program.
Credit: product-cna@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GitHub Enterprise Server | >=3.2.0<3.2.20 | |
| GitHub Enterprise Server | >=3.3.0<3.3.15 | |
| GitHub Enterprise Server | >=3.4.0<3.4.10 | |
| GitHub Enterprise Server | >=3.5.0<3.5.7 | |
| GitHub Enterprise Server | >=3.6.0<3.6.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://docs.github.com/en/enterprise-server@3.2/admin/release-notes#3.2.20
- https://docs.github.com/en/enterprise-server@3.3/admin/release-notes#3.3.15
- https://docs.github.com/en/enterprise-server@3.4/admin/release-notes#3.4.10
- https://docs.github.com/en/enterprise-server@3.5/admin/release-notes#3.5.7
- https://docs.github.com/en/enterprise-server@3.6/admin/release-notes#3.6.3
- https://docs.github.com/en/enterprise-server%403.2/admin/release-notes#3.2.20
- https://docs.github.com/en/enterprise-server%403.3/admin/release-notes#3.3.15
- https://docs.github.com/en/enterprise-server%403.4/admin/release-notes#3.4.10
- https://docs.github.com/en/enterprise-server%403.5/admin/release-notes#3.5.7
- https://docs.github.com/en/enterprise-server%403.6/admin/release-notes#3.6.3
Frequently Asked Questions
What is CVE-2022-23738?
CVE-2022-23738 is an improper cache key vulnerability in GitHub Enterprise Server.
What is the severity of CVE-2022-23738?
The severity of CVE-2022-23738 is medium, with a severity value of 5.7.
How does CVE-2022-23738 impact GitHub Enterprise Server?
CVE-2022-23738 allows an unauthorized actor to access private repository files through a public repository on GitHub Enterprise Server.
Which versions of GitHub Enterprise Server are affected by CVE-2022-23738?
GitHub Enterprise Server versions 3.2.0 to 3.2.20, 3.3.0 to 3.3.15, 3.4.0 to 3.4.10, 3.5.0 to 3.5.7, and 3.6.0 to 3.6.3 are affected by CVE-2022-23738.
How can I fix CVE-2022-23738?
To fix CVE-2022-23738, it is recommended to upgrade GitHub Enterprise Server to a version that includes a fix for the vulnerability.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/title
- agent/references
- agent/last-modified-date
- agent/severity
- agent/author
- agent/weakness
- agent/description
- agent/event
- agent/tags
- agent/first-publish-date
- vendor/github
- canonical/github enterprise server
- version/github enterprise server/3.2.0
- version/github enterprise server/3.3.0
- version/github enterprise server/3.4.0
- version/github enterprise server/3.5.0
- version/github enterprise server/3.6.0