An authentication bypass vulnerability was present in the GitHub Enterprise Server (GHES) when utilizing SAML single sign-on authentication with the optional encrypted assertions feature. This vulnerability allowed an attacker to forge a SAML response to provision and/or gain access to a user with site administrator privileges. Exploitation of this vulnerability would allow unauthorized access to the instance without requiring prior authentication. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.13.0 and was fixed in versions 3.9.15, 3.10.12, 3.11.10 and 3.12.4. This vulnerability was reported via the GitHub Bug Bounty program.
Metrics
Affected Vendors & Products
References
History
Wed, 27 Aug 2025 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:* | |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: GitHub_P
Published:
Updated: 2024-08-01T20:55:10.505Z
Reserved: 2024-05-16T03:36:45.225Z
Link: CVE-2024-4985

Updated: 2024-08-01T20:55:10.505Z

Status : Analyzed
Published: 2024-05-20T22:15:08.727
Modified: 2025-08-27T20:53:04.547
Link: CVE-2024-4985

No data.

Updated: 2025-07-13T11:31:50Z