CVE-2024-6336 (GCVE-0-2024-6336)
Vulnerability from cvelistv5
Published
2024-07-16 21:27
Modified
2024-08-01 21:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. This attack required an organization member to explicitly change the visibility of a dependent repository from private to public. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in versions 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17. This vulnerability was reported via the GitHub Bug Bounty program.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| GitHub | GitHub Enterprise Server |
Version: 3.10.0 ≤ 3.10.13 Version: 3.11.0 ≤ 3.11.11 Version: 3.12.0 ≤ 3.12.5 Version: 3.13 ≤ 3.13.0 Version: 3.9.0 ≤ 3.9.16 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6336",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T15:38:56.968094Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T15:39:07.466Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:33:05.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.15"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.12"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.6"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "GitHub Enterprise Server",
"vendor": "GitHub",
"versions": [
{
"changes": [
{
"at": "3.10.14",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.10.13",
"status": "affected",
"version": "3.10.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.11.12",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.11.11",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.12.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.12.5",
"status": "affected",
"version": "3.12.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.13.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.13.0",
"status": "affected",
"version": "3.13",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.9.17",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.9.16",
"status": "affected",
"version": "3.9.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Omar El Latif"
},
{
"lang": "en",
"type": "finder",
"value": "Giovanni Guido"
},
{
"lang": "en",
"type": "finder",
"value": "Antonio Francesco Sardella"
},
{
"lang": "en",
"type": "finder",
"value": "Andrea Valenza"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eA Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. This attack required an organization member to explicitly change the visibility of a dependent repository from private to public. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in versions 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17. This vulnerability was reported via the GitHub Bug Bounty program.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. This attack required an organization member to explicitly change the visibility of a dependent repository from private to public. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in versions 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17. This vulnerability was reported via the GitHub Bug Bounty program."
}
],
"impacts": [
{
"capecId": "CAPEC-212",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-212 Functionality Misuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/S:N/AU:N/R:U/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T21:27:07.393Z",
"orgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
"shortName": "GitHub_P"
},
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.15"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.12"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.6"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.17"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Security misconfiguration was identified in GitHub Enterprise Server that allowed sensitive data exposure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
"assignerShortName": "GitHub_P",
"cveId": "CVE-2024-6336",
"datePublished": "2024-07-16T21:27:07.393Z",
"dateReserved": "2024-06-25T20:18:21.890Z",
"dateUpdated": "2024-08-01T21:33:05.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.15\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.12\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.17\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T21:33:05.420Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-6336\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-17T15:38:56.968094Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-17T15:39:02.169Z\"}}], \"cna\": {\"title\": \"Security misconfiguration was identified in GitHub Enterprise Server that allowed sensitive data exposure\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Omar El Latif\"}, {\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Giovanni Guido\"}, {\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Antonio Francesco Sardella\"}, {\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Andrea Valenza\"}], \"impacts\": [{\"capecId\": \"CAPEC-212\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-212 Functionality Misuse\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NEGLIGIBLE\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 6.9, \"Automatable\": \"NO\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/S:N/AU:N/R:U/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"ACTIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"GitHub\", \"product\": \"GitHub Enterprise Server\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"3.10.14\", \"status\": \"unaffected\"}], \"version\": \"3.10.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.10.13\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"3.11.12\", \"status\": \"unaffected\"}], \"version\": \"3.11.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.11.11\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"3.12.6\", \"status\": \"unaffected\"}], \"version\": \"3.12.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.12.5\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"3.13.1\", \"status\": \"unaffected\"}], \"version\": \"3.13\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.13.0\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"3.9.17\", \"status\": \"unaffected\"}], \"version\": \"3.9.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.9.16\"}], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.15\"}, {\"url\": \"https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.12\"}, {\"url\": \"https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.6\"}, {\"url\": \"https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1\"}, {\"url\": \"https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.17\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. This attack required an organization member to explicitly change the visibility of a dependent repository from private to public. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in versions 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17. This vulnerability was reported via the GitHub Bug Bounty program.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: transparent;\\\"\u003eA Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. This attack required an organization member to explicitly change the visibility of a dependent repository from private to public. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in versions 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17. This vulnerability was reported via the GitHub Bug Bounty program.\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"82327ea3-741d-41e4-88f8-2cf9e791e760\", \"shortName\": \"GitHub_P\", \"dateUpdated\": \"2024-07-16T21:27:07.393Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-6336\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T21:33:05.420Z\", \"dateReserved\": \"2024-06-25T20:18:21.890Z\", \"assignerOrgId\": \"82327ea3-741d-41e4-88f8-2cf9e791e760\", \"datePublished\": \"2024-07-16T21:27:07.393Z\", \"assignerShortName\": \"GitHub_P\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…