允许授权访问权限的用户的攻击者可以利用该漏洞提升权限为管理员权限。
官方公告:https://docs.github.com/en/enterprise-server@3.11/admin/release-notes
CVE-2023-46647:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46647
GitHub Enterprise Server <= 3.8.0
GitHub Enterprise Serve >= 3.8.12 GitHub Enterprise Serve >= 3.9.6 GitHub Enterprise Serve >= 3.10.3 GitHub Enterprise Serve >= 3.11.0
扫一扫订阅