Improper privilege management in all versions of GitHub Enterprise Server allows users with authorized access to the management console with an editor role to escalate their privileges by making requests to the endpoint used for bootstrapping the instance. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.6, 3.10.3, and 3.11.0.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_P
Published: 2023-12-21T20:45:17.664Z
Updated: 2024-08-02T20:53:20.870Z
Reserved: 2023-10-24T13:41:13.389Z
Link: CVE-2023-46647
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-21T21:15:08.930
Modified: 2023-12-29T15:52:07.093
Link: CVE-2023-46647
Redhat
No data.