{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-5815", "assignerOrgId": "82327ea3-741d-41e4-88f8-2cf9e791e760", "state": "PUBLISHED", "assignerShortName": "GitHub_P", "dateReserved": "2024-06-10T20:08:13.175Z", "datePublished": "2024-07-16T21:26:57.404Z", "dateUpdated": "2024-08-01T21:25:02.739Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "GitHub Enterprise Server", "vendor": "GitHub", "versions": [{"changes": [{"at": "3.9.17", "status": "unaffected"}], "lessThanOrEqual": "3.9.16", "status": "affected", "version": "3.9.0", "versionType": "semver"}, {"changes": [{"at": "3.10.14", "status": "unaffected"}], "lessThanOrEqual": "3.10.13", "status": "affected", "version": "3.10.0", "versionType": "semver"}, {"changes": [{"at": "3.11.12", "status": "unaffected"}], "lessThanOrEqual": "3.11.11", "status": "affected", "version": "3.11.0", "versionType": "semver"}, {"changes": [{"at": "3.12.6", "status": "unaffected"}], "lessThanOrEqual": "3.12.5", "status": "affected", "version": "3.12.0", "versionType": "semver"}, {"changes": [{"at": "3.13.1", "status": "unaffected"}], "lessThanOrEqual": "3.13.0", "status": "affected", "version": "3.13", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "ahacker1"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: transparent;\">A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. A mitigating factor is that the attacker would have to be a trusted GitHub Enterprise Server user, and the victim would have to visit a tag in the attacker's fork of their own repository. vulnerability affected all versions of GitHub Enterprise Server prior 3.14 and was fixed in version 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17.\n\n\n This vulnerability was reported via the GitHub Bug Bounty program.</span><br>"}], "value": "A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. A mitigating factor is that the attacker would have to be a trusted GitHub Enterprise Server user, and the victim would have to visit a tag in the attacker's fork of their own repository. vulnerability affected all versions of GitHub Enterprise Server prior 3.14 and was fixed in version 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17.\n\n\n This vulnerability was reported via the GitHub Bug Bounty program."}], "impacts": [{"capecId": "CAPEC-62", "descriptions": [{"lang": "en", "value": "CAPEC-62 Cross Site Request Forgery"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NO", "Recovery": "USER", "Safety": "NEGLIGIBLE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 6.8, "baseSeverity": "MEDIUM", "privilegesRequired": "HIGH", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "HIGH", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/S:N/AU:N/R:U/RE:L/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "LOW"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "82327ea3-741d-41e4-88f8-2cf9e791e760", "shortName": "GitHub_P", "dateUpdated": "2024-07-16T21:26:57.404Z"}, "references": [{"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.9.17"}, {"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.10.14"}, {"url": "https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.11.12"}, {"url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.12.6"}, {"url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1"}], "source": {"discovery": "UNKNOWN"}, "title": "Cross Site Request Forgery was identified in GitHub Enterprise Server that allowed write in a user owned repository", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-24T20:44:57.534814Z", "id": "CVE-2024-5815", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-24T20:48:10.911Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:25:02.739Z"}, "title": "CVE Program Container", "references": [{"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.9.17", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.10.14", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.11.12", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.12.6", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.9.17", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.10.14", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.11.12", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.12.6", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:25:02.739Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-5815", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-24T20:44:57.534814Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-24T20:48:05.910Z"}}], "cna": {"title": "Cross Site Request Forgery was identified in GitHub Enterprise Server that allowed write in a user owned repository", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "ahacker1"}], "impacts": [{"capecId": "CAPEC-62", "descriptions": [{"lang": "en", "value": "CAPEC-62 Cross Site Request Forgery"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "USER", "baseScore": 6.8, "Automatable": "NO", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/S:N/AU:N/R:U/RE:L/U:Amber", "providerUrgency": "AMBER", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "GitHub", "product": "GitHub Enterprise Server", "versions": [{"status": "affected", "changes": [{"at": "3.9.17", "status": "unaffected"}], "version": "3.9.0", "versionType": "semver", "lessThanOrEqual": "3.9.16"}, {"status": "affected", "changes": [{"at": "3.10.14", "status": "unaffected"}], "version": "3.10.0", "versionType": "semver", "lessThanOrEqual": "3.10.13"}, {"status": "affected", "changes": [{"at": "3.11.12", "status": "unaffected"}], "version": "3.11.0", "versionType": "semver", "lessThanOrEqual": "3.11.11"}, {"status": "affected", "changes": [{"at": "3.12.6", "status": "unaffected"}], "version": "3.12.0", "versionType": "semver", "lessThanOrEqual": "3.12.5"}, {"status": "affected", "changes": [{"at": "3.13.1", "status": "unaffected"}], "version": "3.13", "versionType": "semver", "lessThanOrEqual": "3.13.0"}], "defaultStatus": "affected"}], "references": [{"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.9.17"}, {"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.10.14"}, {"url": "https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.11.12"}, {"url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.12.6"}, {"url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. A mitigating factor is that the attacker would have to be a trusted GitHub Enterprise Server user, and the victim would have to visit a tag in the attacker's fork of their own repository. vulnerability affected all versions of GitHub Enterprise Server prior 3.14 and was fixed in version 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17.\n\n\n This vulnerability was reported via the GitHub Bug Bounty program.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: transparent;\">A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. A mitigating factor is that the attacker would have to be a trusted GitHub Enterprise Server user, and the victim would have to visit a tag in the attacker's fork of their own repository. vulnerability affected all versions of GitHub Enterprise Server prior 3.14 and was fixed in version 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17.\n\n\n This vulnerability was reported via the GitHub Bug Bounty program.</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "82327ea3-741d-41e4-88f8-2cf9e791e760", "shortName": "GitHub_P", "dateUpdated": "2024-07-16T21:26:57.404Z"}}}, "cveMetadata": {"cveId": "CVE-2024-5815", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:25:02.739Z", "dateReserved": "2024-06-10T20:08:13.175Z", "assignerOrgId": "82327ea3-741d-41e4-88f8-2cf9e791e760", "datePublished": "2024-07-16T21:26:57.404Z", "assignerShortName": "GitHub_P"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAF7098F-C0C3-474E-8E01-E3252A3A4DB4", "versionEndExcluding": "3.9.17", "versionStartIncluding": "3.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "976E8532-E4BE-4779-9E09-05FCD57F5EB0", "versionEndExcluding": "3.10.14", "versionStartIncluding": "3.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A638319-C7A1-42F0-808E-84DF23F37734", "versionEndExcluding": "3.11.12", "versionStartIncluding": "3.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB39F351-9738-4228-B4C9-0A0E6A4CE97D", "versionEndExcluding": "3.12.6", "versionStartIncluding": "3.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:github:enterprise_server:3.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "8D9D3E81-23E5-4BD9-BC0F-D87CF0ED21FF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. A mitigating factor is that the attacker would have to be a trusted GitHub Enterprise Server user, and the victim would have to visit a tag in the attacker's fork of their own repository. vulnerability affected all versions of GitHub Enterprise Server prior 3.14 and was fixed in version 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17.\n\n\n This vulnerability was reported via the GitHub Bug Bounty program."}, {"lang": "es", "value": "Una vulnerabilidad de Cross-Site Request Forgery en GitHub Enterprise Server permiti\u00f3 operaciones de escritura en un repositorio propiedad de la v\u00edctima explotando tipos de solicitudes incorrectos. Un factor atenuante es que el atacante tendr\u00eda que ser un usuario confiable de GitHub Enterprise Server y la v\u00edctima tendr\u00eda que visitar una etiqueta en la bifurcaci\u00f3n del atacante en su propio repositorio. La vulnerabilidad afect\u00f3 a todas las versiones de GitHub Enterprise Server anteriores a la 3.14 y se solucion\u00f3 en las versiones 3.13.1, 3.12.6, 3.11.12, 3.10.14 y 3.9.17. Esta vulnerabilidad se inform\u00f3 a trav\u00e9s del programa GitHub Bug Bounty."}], "id": "CVE-2024-5815", "lastModified": "2024-09-17T16:26:44.973", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "automatable": "NO", "availabilityRequirements": "NOT_DEFINED", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "AMBER", "recovery": "USER", "safety": "NEGLIGIBLE", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "HIGH", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:X/RE:L/U:Amber", "version": "4.0", "vulnerabilityResponseEffort": "LOW", "vulnerableSystemAvailability": "NONE", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "HIGH"}, "source": "product-cna@github.com", "type": "Secondary"}]}, "published": "2024-07-16T22:15:05.490", "references": [{"source": "product-cna@github.com", "tags": ["Release Notes"], "url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.9.17"}, {"source": "product-cna@github.com", "tags": ["Release Notes"], "url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.10.14"}, {"source": "product-cna@github.com", "tags": ["Release Notes"], "url": "https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.11.12"}, {"source": "product-cna@github.com", "tags": ["Release Notes"], "url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.12.6"}, {"source": "product-cna@github.com", "tags": ["Release Notes"], "url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1"}], "sourceIdentifier": "product-cna@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-352"}], "source": "product-cna@github.com", "type": "Secondary"}]}

{}