Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes
eSecurity Planet
MAY 27, 2024
The problem: CVE-2024-4985 is a critical authentication bypass vulnerability in GitHub Enterprise Server (GHES) that affects instances using SAML single sign-on (SSO) with encrypted assertions. Exploitation enables attackers to forge a SAML response, granting them administrative capabilities and unrestricted access without authentication.