VDB

CVE-2024-6800

CVE-2024-6800 PUBLISHED

Es besteht eine Schwachstelle in Microsoft GitHub Enterprise. Diese Fehler besteht aufgrund eines XML-Signatur-Wrapping-Problems in den SAML-Authentifizierungsmechanismen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Site-Administrator-Rechte zu erlangen.

EPSS 3.01% · 86.9th percentile

Risk Scores

EPSS Score
3.01%
86.9th percentile

Affected Products

VendorProductVersions
MicrosoftMicrosoft GitHub Enterprise <3.10.16
MicrosoftMicrosoft GitHub Enterprise <3.11.14
MicrosoftMicrosoft GitHub Enterprise <3.13.3
MicrosoftMicrosoft GitHub Enterprise <3.12.8

Timeline

  • CVE Published
  • Aug 20, 2024 PoC Published
  • Aug 21, 2024 EPSS Score
  • Aug 21, 2024 PoC Published
  • Aug 22, 2024 PoC Published
  • Aug 22, 2024 PoC Published
  • Aug 22, 2024 PoC Published
  • Aug 22, 2024 PoC Published
  • Aug 23, 2024 PoC Published
  • Aug 26, 2024 PoC Published
  • Aug 26, 2024 PoC Published
  • Sep 10, 2024 PoC Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›