CVE-2024-4985: 
GitHub Enterprise Server vulnerability analysis and mitigation

A critical authentication bypass vulnerability (CVE-2024-4985) was discovered in GitHub Enterprise Server (GHES) affecting instances using SAML single sign-on authentication with the optional encrypted assertions feature. The vulnerability was discovered through GitHub's Bug Bounty program and disclosed on May 20, 2024. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.13.0 and was fixed in versions 3.9.15, 3.10.12, 3.11.10, and 3.12.4 (Security Online, Hacker News).

The vulnerability carries a maximum CVSS score of 10.0 and specifically affects the SAML SSO authentication mechanism with encrypted assertions feature. An attacker could forge a SAML response to provision and/or gain access to a user with site administrator privileges. It's important to note that encrypted assertions are not enabled by default, and instances not utilizing SAML SSO or those using SAML SSO without encrypted assertions are not impacted (Security Online).

The exploitation of this vulnerability would allow unauthorized access to the instance without requiring prior authentication. An attacker could potentially gain administrator privileges, allowing them full access to sensitive code repositories and data. For organizations utilizing the vulnerable configuration, the consequences could include unauthorized access to source code, data breaches, and potential disruption of development operations (Security Online).

GitHub has released patches to address this vulnerability in versions 3.9.15, 3.10.12, 3.11.10, and 3.12.4. Administrators are strongly urged to update their installations immediately to mitigate the risk of compromise. Organizations using affected versions should prioritize upgrading to the patched versions (Security Online, Hacker News).