{"vulnerability": "CVE-2024-6800", "sightings": [{"uuid": "5deb89b7-ac24-4fc4-bc20-004ad0f593ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/669", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup & Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-10T10:01:29.000000Z"}, {"uuid": "28bb0187-c5ed-4c78-9672-4254dcaca27f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/cibsecurity/79242", "content": "\ud83e\udd85 The SAML Exploit That Could Take Down GitHub: What You Need to Know About CVE-2024-6800 \ud83e\udd85\n\n  Key Takeaways\u00a0    CVE20246800 is a severe security flaw discovered in GitHub Enterprise Server GHES, which could allow unauthorized access and control over sensitive systems by exploiting XML signature wrapping and forged SAML responses.\u00a0     The vulnerability impacts all GHES versions prior to 3.14, excluding versions 3.13.3, 3.12.8, 3.11.14, and 3.10.16, indicating that many installations could be at risk.\u00a0     Exploiting this vulnerability can grant attackers unauthorized access to GHES instances, enabling them to view, modify, or delete critical source code and sensitive data and potentially compromising entire supply chains.\u00a0     GHES instances are often accessible over the internet, which broadens the attack surface and increases the likelihood of exploitation, emphasizing the n...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-08-26T17:20:16.000000Z"}, {"uuid": "630c3dea-cc85-491b-ae10-d58bc8d8d27a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3522", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup & Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-10T10:01:29.000000Z"}, {"uuid": "a8e27782-2243-4b58-9058-f30338e511f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "Telegram/Ld6VKvYxBlV2RSqa-KvoX_kaiEwmlQf1KLu5k-IwDs_KmA", "content": "", "creation_timestamp": "2024-08-22T09:49:51.000000Z"}, {"uuid": "9b7d071d-643e-4a6c-b777-53ee108fd54d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/cvedetector/3681", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-6800 - GitHub Enterprise Server SAML Authentication XML Signature Wrapping Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-6800 \nPublished : Aug. 20, 2024, 8:15 p.m. | 43\u00a0minutes ago \nDescription : An XML signature wrapping vulnerability was present in GitHub Enterprise Server (GHES) when utilizing SAML authentication with specific identity providers. This vulnerability allowed an attacker with direct network access to GitHub Enterprise Server to forge a\u00a0SAML response to provision and/or gain access to a user with site administrator privileges. Exploitation of this vulnerability would allow unauthorized access to the instance without requiring prior authentication.\u00a0This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in versions 3.13.3, 3.12.8, 3.11.14, and 3.10.16. This vulnerability was reported via the GitHub Bug Bounty program. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T22:59:26.000000Z"}, {"uuid": "9602ad0d-03ca-45f5-a72c-57d9833545f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "Telegram/1_vcacoomzYihOGFOx2KRxbErYxJjO2PUlegAUICxwpFLpXv", "content": "", "creation_timestamp": "2024-08-26T14:44:07.000000Z"}, {"uuid": "66c953f7-7241-4f06-a166-720334a47470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/311", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup & Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-10T14:05:36.000000Z"}, {"uuid": "2e8fad31-2e0a-4f45-89c5-e5f5c4b327e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/HackingInsights/10797", "content": "\u200aCVE-2024-6800 (CVSS 9.5): Critical GitHub Enterprise Server Flaw Patched, Admin Access at Risk\n\nhttps://securityonline.info/cve-2024-6800-cvss-9-5-critical-github-enterprise-server-flaw-patched-admin-access-at-risk/", "creation_timestamp": "2024-08-21T12:52:52.000000Z"}, {"uuid": "cba4133a-556e-480c-bcab-55a9dfadd279", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/18477", "content": "The Hacker News\nGitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges\n\nGitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges.\nThe most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a CVSS score of 9.5.\n\"On GitHub Enterprise Server instances that use SAML single sign-on (SSO)", "creation_timestamp": "2024-08-22T09:49:44.000000Z"}, {"uuid": "fcf757c7-b049-4794-a6b3-3e45c090cdef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/KomunitiSiber/2442", "content": "GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges\nhttps://thehackernews.com/2024/08/github-patches-critical-security-flaw.html\n\nGitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges.\nThe most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a CVSS score of 9.5.\n\"On GitHub Enterprise Server instances that use SAML single sign-on (SSO)", "creation_timestamp": "2024-08-22T10:28:22.000000Z"}, {"uuid": "ca237004-c17b-4d2e-a5fb-d1c64c851d6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "Telegram/V6C3WOxDbov-Mvc3FF7LxHWCN2GrvxrxFbMqJzKk7o1fcw", "content": "", "creation_timestamp": "2024-08-22T09:59:50.000000Z"}, {"uuid": "d04a5f1d-265f-4ce3-ba53-09e308e560a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3692", "content": "The Hacker News\nGitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges\n\nGitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges.\nThe most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a CVSS score of 9.5.\n\"On GitHub Enterprise Server instances that use SAML single sign-on (SSO)", "creation_timestamp": "2024-08-22T09:49:44.000000Z"}, {"uuid": "3b538570-564d-4e6e-af1a-8452f2399855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/thehackernews/5455", "content": "#GitHub has released critical fixes for 3 flaws in Enterprise Server, including CVE-2024-6800 (CVSS 9.5). \n \nThis flaw could allow attackers to gain admin privileges, posing serious risks to organizations using SAML SSO. \n \nDetails: https://thehackernews.com/2024/08/github-patches-critical-security-flaw.html", "creation_timestamp": "2024-08-22T06:54:04.000000Z"}, {"uuid": "509da527-3aec-4013-a967-ce6d393833b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/true_secator/6127", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 GitHub Enterprise Server \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435.\n\nCVE-2024-6800 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 9,5 \u043f\u043e \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0443 CVSS 4.0.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u043d\u0438\u044f XML-\u0441\u0438\u0433\u043d\u0430\u0442\u0443\u0440, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0434\u0434\u0435\u043b\u044b\u0432\u0430\u0442\u044c \u043e\u0442\u0432\u0435\u0442\u044b Security Assertion Markup Language (SAML).\n\n\u041d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u0445 GitHub Enterprise Server, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e SAML \u0441 \u0435\u0434\u0438\u043d\u044b\u043c \u0432\u0445\u043e\u0434\u043e\u043c (SSO) \u0441 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c\u0438 IdP, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0434\u0434\u0435\u043b\u0430\u0442\u044c \u043e\u0442\u0432\u0435\u0442 SAML \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0441\u0430\u0439\u0442\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u0438\u0441\u043a\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b FOFA, \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0431\u043e\u043b\u0435\u0435 36 500 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 GHES, \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 (29 200) \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u044b \u0432 \u0421\u0428\u0410, \u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0438\u0437 \u043d\u0438\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 \u043d\u0435 \u044f\u0441\u043d\u043e.\n\nGitHub \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b \u044d\u0442\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 GHES 3.13.3, 3.12.8, 3.11.14 \u0438 3.10.16. \n\n\u041d\u043e\u0432\u044b\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0438 GHES \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0432\u0443\u0445 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438: \n\n- CVE-2024-7711 (CVSS: 5,3): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a, \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043b\u0438\u0446 \u0438 \u043c\u0435\u0442\u043a\u0438 \u043b\u044e\u0431\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u043c \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438.\n\n- CVE-2024-6337 (CVSS: 5,9): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0438\u0437 \u0437\u0430\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f GitHub.\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b GitHub Bug Bounty \u043d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 HackerOne.\n\nGitHub \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043b\u0443\u0436\u0431\u044b \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u0434\u0430\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u043f\u043e\u0441\u043b\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043d\u043e \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440 \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u0434\u043e\u043b\u0436\u0435\u043d \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c\u0441\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e.", "creation_timestamp": "2024-08-23T12:50:05.000000Z"}, {"uuid": "f5e39b52-4bc5-4ff0-a692-6bdab019ec3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11107", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup & Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n]-> https://github.com/watchtowrlabs/CVE-2024-40711\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-16T18:20:15.000000Z"}, {"uuid": "ad98a299-0e9b-43a4-9ed6-241af7e2e185", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/xakep_ru/16290", "content": "\u0412 GitHub Enterprise Server \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 GitHub \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0441\u0440\u0430\u0437\u0443 \u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 GitHub Enterprise Server \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u0442\u0447\u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435. \u0422\u0430\u043a, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 GitHub Enterprise Server, \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\nhttps://xakep.ru/2024/08/22/cve-2024-6800/", "creation_timestamp": "2024-08-22T16:06:26.000000Z"}]}