GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access
Briefly

GitHub has issued critical security updates for its Enterprise Server (GHES) to mitigate a serious vulnerability, CVE-2024-9487, that allows unauthorized access.
The flaw is a SAML single sign-on (SSO) bypass that undermines user provisioning security and represents a regression from prior security measures in GitHub's systems.
The updates also address two other vulnerabilities besides CVE-2024-9487, underscoring the importance of keeping security protocols up to date to protect against attacks.
Organizations using vulnerable versions of GHES are strongly urged to upgrade to the latest releases to mitigate risks and maintain data integrity.
Read at thehackernews.com