News
GitHub issues urgent patch for critical exploitable vuln in Enterprise Server
May 2024 by Sylvain Cortes, VP Strategy at Hackuity
GitHub Enterprise Server has issued a critical patch for a maximum risk vulnerability, which gives attackers full admin access if not addressed.
The vulnerability, CVE-2024-4985, should be addressed by users immediately, according to
Sylvain Cortes, VP Strategy, Hackuity
“GitHub’s security flaw, CVE-2024-4985, is critical, giving anyone who exploits the issue in a version released before p3.13.0 of the code, full admin access to the GitHub Enterprise Server.
The maximum severity rating of 10 out of 10 puts users of such versions at incredibly high risk of attacker network ‘break-ins’.
We know that patching continues to be a challenge for many organisations, but this latest vulnerability is yet another prime example of why security teams must keep on top of the most prevalent issues within their network.
GitHub have issued an urgent patch for a reason - users of their Enterprise Server software should prioritise implementing this, and any other critical vulnerability patches, before it’s too late.”
