First published: Fri Apr 07 2023
An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to modify other users' secret gists by authenticating through an SSH certificate authority. To do so, a user had to know the secret gist's URL. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.9 and was fixed in versions 3.4.18, 3.5.15, 3.6.11, 3.7.8, and 3.8.1. This vulnerability was reported via the GitHub Bug Bounty program.
Credit: product-cna@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitHub Enterprise Server | <3.4.18 | Upgrade to 3.4.18 |
GitHub Enterprise Server | >=3.5.0, <3.5.15 | Upgrade to 3.5.15 |
GitHub Enterprise Server | >=3.6.0, <3.6.11 | Upgrade to 3.6.11 |
GitHub Enterprise Server | >=3.7.0, <3.7.8 | Upgrade to 3.7.8 |
GitHub Enterprise Server | =3.8.0 | Upgrade to 3.8.1 |
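The affected ranges above are branch-specific: each release line (3.4, 3.5, 3.6, 3.7, 3.8) has its own fixed patch level, and everything from 3.9 on was never affected, so a naive "is my version below 3.8.1" check gives wrong answers for 3.5.x or 3.6.x installs. The following is an added example, not code from SecAlerts or GitHub, of a version check that encodes the advisory's fixed releases per branch and tells an administrator whether a given GitHub Enterprise Server version is in scope and what to upgrade to. The version strings it is run on are constructed for illustration.

```python
# Added example: branch-aware affected-version check for CVE-2023-23761.
# Fixed releases are taken from the advisory; everything else is assumed.
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Fixed release per affected minor branch, as stated in the advisory.
FIXED_RELEASES = {
    (3, 4): (3, 4, 18),
    (3, 5): (3, 5, 15),
    (3, 6): (3, 6, 11),
    (3, 7): (3, 7, 8),
    (3, 8): (3, 8, 1),
}

# The advisory says all versions prior to 3.9 were affected.
FIRST_UNAFFECTED_BRANCH = (3, 9)


def parse_version(text: str) -> Version:
    """Parse 'MAJOR.MINOR.PATCH' (a leading 'v' is tolerated) into a tuple.

    Rejects anything that is not exactly three numeric components so that a
    truncated or malformed version string cannot silently pass as "fixed".
    """
    parts = text.strip().lstrip("v").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a MAJOR.MINOR.PATCH version: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def is_affected(version_text: str) -> bool:
    """True when the version falls inside one of the advisory's affected ranges."""
    version = parse_version(version_text)
    branch = version[:2]
    if branch >= FIRST_UNAFFECTED_BRANCH:
        return False
    fixed = FIXED_RELEASES.get(branch)
    if fixed is None:
        # A branch older than 3.4 has no listed fix; the advisory says every
        # version before 3.9 was affected, so treat it as affected.
        return True
    # Same branch: affected only below that branch's fixed patch level.
    return version < fixed


def remediation(version_text: str) -> Optional[str]:
    """Return the upgrade target for an affected version, or None if not affected."""
    if not is_affected(version_text):
        return None
    branch = parse_version(version_text)[:2]
    fixed = FIXED_RELEASES.get(branch)
    if fixed is None:
        return "upgrade to a supported branch at or above its fixed release"
    return "upgrade to %d.%d.%d" % fixed


if __name__ == "__main__":
    # Constructed sample versions an administrator might be checking.
    for sample in ("3.4.17", "3.4.18", "3.6.10", "3.8.0", "3.8.1", "3.9.0", "3.3.2"):
        print(sample, "affected" if is_affected(sample) else "not affected",
              remediation(sample) or "")
```

The check compares the full (major, minor, patch) tuple only against the fix on the same branch, which is what makes 3.5.14 affected and 3.5.15 not, even though 3.5.15 is numerically "below" 3.8.1.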
CVE-2023-23761 is an improper authentication vulnerability in GitHub Enterprise Server that allows unauthorized actors to modify other users' secret gists by authenticating through an SSH certificate authority.
The versions of GitHub Enterprise Server affected by CVE-2023-23761 are those prior to 3.9 that predate the fixed release on their branch: 3.4 releases before 3.4.18, 3.5.0 up to but not including 3.5.15, 3.6.0 up to but not including 3.6.11, 3.7.0 up to but not including 3.7.8, and 3.8.0 (fixed in 3.8.1).
The severity level of CVE-2023-23761 is high, with a severity value of 5.3.
An unauthorized actor can exploit CVE-2023-23761 by authenticating through an SSH certificate authority and knowing the secret gist's URL to modify other users' secret gists.
You can find more information about CVE-2023-23761 in the GitHub Enterprise Server release notes for versions 3.4.18, 3.5.15, and 3.6.11.