Improper privilege management in all versions of GitHub Enterprise Server allows users with authorized access to the management console with an editor role to escalate their privileges by making requests to the endpoint used for bootstrapping the instance. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.6, 3.10.3, and 3.11.0.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_P
Published: 2023-12-21T20:45:17.664Z
Updated: 2023-12-21T20:45:17.664Z
Reserved: 2023-10-24T13:41:13.389Z
Link: CVE-2023-46647
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-21T21:15:08.930
Modified: 2023-12-29T15:52:07.093
Link: CVE-2023-46647
JSON object: View
Redhat Information
No data.
CWE