Unrated severityNVD Advisory· Published Jan 16, 2024· Updated Oct 22, 2024
Privilege Escalation by Code Injection in the Management Console in GitHub Enterprise Server
CVE-2024-0507
Description
An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13 This vulnerability was reported via the GitHub Bug Bounty program.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2>=3.8.0-0 <=3.8.13-0, >=3.9.0-0 <=3.9.8-0, >=3.10.0-0 <=3.10.5-0, >=3.11.0-0 <=3.11.3-0+ 1 more
- (no CPE)range: >=3.8.0-0 <=3.8.13-0, >=3.9.0-0 <=3.9.8-0, >=3.10.0-0 <=3.10.5-0, >=3.11.0-0 <=3.11.3-0
- (no CPE)range: 3.8.0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.