What is the severity of CVE-2024-4985?

CVE-2024-4985 is considered a high-severity vulnerability due to the potential for unauthorized access through authentication bypass.

How do I fix CVE-2024-4985?

To mitigate CVE-2024-4985, users should upgrade their GitHub Enterprise Server to the latest version beyond 3.13.0.

What software versions are affected by CVE-2024-4985?

CVE-2024-4985 affects GitHub Enterprise Server versions 3.9.15, 3.10.12, 3.11.10, and all versions up to 3.13.0.

What attack vector does CVE-2024-4985 exploit?

CVE-2024-4985 exploits an authentication bypass via forged SAML responses when using SAML single sign-on with encrypted assertions.

Is CVE-2024-4985 related to GitHub's authentication features?

Yes, CVE-2024-4985 is specifically related to vulnerabilities in the SAML single sign-on authentication feature of GitHub Enterprise Server.

Vulnerability/
CVE-2024-4985

critical

CWE

303

EPSS

0.045%

20/5/2024

21/11/2024

CVE-2024-4985

First published: Mon May 20 2024(Updated: )

An authentication bypass vulnerability was present in the GitHub Enterprise Server (GHES) when utilizing SAML single sign-on authentication with the optional encrypted assertions feature. This vulnerability allowed an attacker to forge a SAML response to provision and/or gain access to a user with site administrator privileges. Exploitation of this vulnerability would allow unauthorized access to the instance without requiring prior authentication. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.13.0 and was fixed in versions 3.9.15, 3.10.12, 3.11.10 and 3.12.4. This vulnerability was reported via the GitHub Bug Bounty program.

Credit: product-cna@github.com

Affected Software	Affected Version	How to fix
GitHub Enterprise	<3.13.0>=3.9.15<3.9.15>=3.10.12<3.10.12>=3.11.10<3.11.10>=3.12.4<3.12.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-4985?
CVE-2024-4985 is considered a high-severity vulnerability due to the potential for unauthorized access through authentication bypass.
How do I fix CVE-2024-4985?
To mitigate CVE-2024-4985, users should upgrade their GitHub Enterprise Server to the latest version beyond 3.13.0.
What software versions are affected by CVE-2024-4985?
CVE-2024-4985 affects GitHub Enterprise Server versions 3.9.15, 3.10.12, 3.11.10, and all versions up to 3.13.0.
What attack vector does CVE-2024-4985 exploit?
CVE-2024-4985 exploits an authentication bypass via forged SAML responses when using SAML single sign-on with encrypted assertions.
Is CVE-2024-4985 related to GitHub's authentication features?
Yes, CVE-2024-4985 is specifically related to vulnerabilities in the SAML single sign-on authentication feature of GitHub Enterprise Server.

agent/weakness
agent/type
agent/description
agent/first-publish-date
agent/author
collector/the-register
source/The Register
alias/CVE-2024-4985
collector/bleeping-computer
source/BleepingComputer
agent/references
collector/mitre-cve
source/MITRE
collector/epss-latest
source/FIRST
agent/epss
collector/nvd-api
source/NVD
agent/severity
agent/last-modified-date
agent/event
agent/source
agent/trending
agent/tags
agent/softwarecombine
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/github
canonical/github enterprise

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.