Critical GitHub Enterprise Server Flaw Allows Authentication Bypass

2 months ago [email protected] (The Hacker News)
Critical GitHub Enterprise Server Flaw Allows Authentication Bypass


GitHub has rolled out fixes to address a maximum severity flaw in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication protections.
Tracked as CVE-2024-4985 (CVSS score: 10.0), the issue could permit unauthorized access to an instance without requiring prior authentication.
“On instances that use SAML single sign-on (SSO) authentication with the

The post “Critical GitHub Enterprise Server Flaw Allows Authentication Bypass” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)

Tags: , , ,

More Stories

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

20 hours ago [email protected] (The Hacker News)

U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

1 day ago [email protected] (The Hacker News)

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

1 day ago [email protected] (The Hacker News)

CrowdStrike Warns of New Phishing Scam Targeting German Customers

1 day ago [email protected] (The Hacker News)

Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk

1 day ago [email protected] (The Hacker News)

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

2 days ago [email protected] (The Hacker News)