CVE-2024-9487

CRITICAL NUCLEI

GitHub Enterprise Server < 3.11.16 - SAML SSO Authentication Bypass via Cryptographic Signature Verification

Title source: llm

Exploitation Summary

CVE-2024-9487 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.

Description

An improper verification of cryptographic signature vulnerability was identified in GitHub Enterprise Server that allowed SAML SSO authentication to be bypassed resulting in unauthorized provisioning of users and access to the instance. Exploitation required the encrypted assertions feature to be enabled, and the attacker would require direct network access as well as a signed SAML response or metadata document. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.15 and was fixed in versions 3.11.16, 3.12.10, 3.13.5, and 3.14.2. This vulnerability was reported via the GitHub Bug Bounty program.

Nuclei Templates (1)

GitHub Enterprise - SAML Authentication Bypass

CRITICALVERIFIEDby iamnoooob,rootxharsh,pdresearch

Shodan: title:"GitHub Enterprise"

References (4)

Core 4

Core References

Release Notes release-notes

https://docs.github.com/en/[email protected]/admin/release-notes#3.11.16

Release Notes release-notes

https://docs.github.com/en/[email protected]/admin/release-notes#3.12.10

Release Notes release-notes

https://docs.github.com/en/[email protected]/admin/release-notes#3.13.5

Release Notes release-notes

https://docs.github.com/en/[email protected]/admin/release-notes#3.14.2

Scores

CVSS v3 9.1

EPSS 0.2244

EPSS Percentile 97.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-347

Status published

Products (1)

github/enterprise_server < 3.11.16

Published Oct 10, 2024

Tracked Since Feb 18, 2026