CVE-2025-23369

HIGH

Github Enterprise Server < 3.12.14 - Signature Verification Bypass

Title source: rule

Description

An improper verification of cryptographic signature vulnerability was identified in GitHub Enterprise Server that allowed signature spoofing for unauthorized internal users. Instances not utilizing SAML single sign-on or where the attacker is not already an existing user were not impacted. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12.14, 3.13.10, 3.14.7, 3.15.2, and 3.16.0. This vulnerability was reported via the GitHub Bug Bounty program.

Exploits (2)

nomisec WORKING POC 38 stars

by hakivvi · poc

https://github.com/hakivvi/CVE-2025-23369

View Code ZIP pw:eip

nomisec WORKING POC

by Arian91 · poc

https://github.com/Arian91/CVE-2025-23369_SAML_bypass

View Code ZIP pw:eip

References (4)

[Release Notes] https://docs.github.com/en/[email protected]/admin/release-notes#3.12.14

[Release Notes] https://docs.github.com/en/[email protected]/admin/release-notes#3.13.10

[Release Notes] https://docs.github.com/en/[email protected]/admin/release-notes#3.14.7

[Release Notes] https://docs.github.com/en/[email protected]/admin/release-notes#3.15.2

Scores

CVSS v3 8.8

EPSS 0.1178

EPSS Percentile 93.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-347

Status published

Products (1)

github/enterprise_server < 3.12.14

Published Jan 21, 2025

Tracked Since Feb 18, 2026