CVE-2024-1372: 
GitHub Enterprise Server vulnerability analysis and mitigation

A command injection vulnerability (CVE-2024-1372) was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring SAML settings. The vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported through the GitHub Bug Bounty program (NVD).

The vulnerability is classified as a command injection flaw (CWE-77) with a CVSS v3.1 base score of 9.1 CRITICAL (Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). Exploitation required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role (NVD).

If exploited, this vulnerability would allow an attacker with editor role privileges in the Management Console to gain elevated admin SSH access to the GitHub Enterprise Server appliance, potentially compromising the entire system (NVD).

GitHub has released patches to address this vulnerability in multiple versions: 3.11.5, 3.10.7, 3.9.10, and 3.8.15. Organizations running affected versions of GitHub Enterprise Server should upgrade to the patched versions immediately (Security Online).

The vulnerability was discovered and reported through GitHub's Bug Bounty program, demonstrating the effectiveness of coordinated vulnerability disclosure programs. The security community has classified this as a critical vulnerability requiring immediate attention (Security Online).