← Zuruck zu CVEs
CVE-2023-6803
MEDIUM5.8
Beschreibung
A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a repository is being transferred. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.
CVE Details
CVSS v3.1 Bewertung5.8
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L
AngriffsvektorLOCAL
KomplexitatHIGH
Erforderliche PrivilegienHIGH
BenutzerinteraktionREQUIRED
Veroffentlicht12/21/2023
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
github:enterprise_server
Schwachen (CWE)
CWE-367CWE-367
Referenzen
https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4(product-cna@github.com)
https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1(product-cna@github.com)
https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12(product-cna@github.com)
https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7(product-cna@github.com)
https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4(af854a3a-2127-422b-91ae-364da2661108)
https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1(af854a3a-2127-422b-91ae-364da2661108)
https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12(af854a3a-2127-422b-91ae-364da2661108)
https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.