GitHub has released patches for a critical-severity vulnerability in Enterprise Server that could allow unauthenticated attackers to obtain administrative privileges. The vulnerability, tracked as CVE-2024-4985, impacts Enterprise Server instances that rely on SAML single sign-on (SSO) authentication and have the optional encrypted assertions feature enabled.
GitHub has patched the vulnerability by releasing Enterprise Server versions 3.9.15, 3.10.12, 3.11.10, and 3.12.4. Users are advised to update their GitHub Enterprise Server instances to a patched release as soon as possible.