Beware of Secret Gist Modification on GitHub Enterprise Server

CVE: CVE-2023-23761
CVSS v3.1: 7.7
Source: CVE-2023-23761

An authentication bypass vulnerability was discovered in GitHub Enterprise Server that could allow unauthorized modification of secret gists. GitHub Enterprise Server is a private version of the popular GitHub code hosting platform used by many companies.

The flaw affected all versions of GitHub Enterprise Server prior to 3.9 and lay in SSH certificate authentication: an attacker who knew the URL of a secret gist could authenticate with an SSH certificate and modify the gist's contents, even without valid credentials for the gist owner's account.

Secret gists are meant to be private code snippets or files shared only with intended viewers. This vulnerability bypassed those access controls and allowed an outsider to potentially view and alter secret code or sensitive data.

GitHub has patched the vulnerability in versions 3.4.18, 3.5.15, 3.6.11, 3.7.8, and 3.8.1 of GitHub Enterprise Server. Administrators are advised to update their installations to a fixed version as soon as possible. It is also recommended to regenerate any SSH certificates used for authentication as a precaution.
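The fixed versions above are one per supported release series, so checking whether an installation is patched means comparing within its own series rather than against a single number. The following script is an added example (not from the advisory or from GitHub) that does that comparison; the fixed versions come from the advisory text, while the function names and sample inputs are constructed for illustration.

```python
"""Added example: decide whether a GitHub Enterprise Server version string
reports a release that carries the fix for CVE-2023-23761.

Fixed releases are taken from the advisory; everything else here
(function names, sample inputs) is constructed for illustration.
"""

# First patched release of each supported series, per the advisory.
FIXED_VERSIONS = {
    (3, 4): (3, 4, 18),
    (3, 5): (3, 5, 15),
    (3, 6): (3, 6, 11),
    (3, 7): (3, 7, 8),
    (3, 8): (3, 8, 1),
}


def parse_version(text):
    """Turn '3.7.5' into (3, 7, 5); raise ValueError on malformed input."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected GHES version string: {text!r}")
    return tuple(int(p) for p in parts)


def is_patched(version_text):
    """Return True if the release is at or past the fix for its series.

    The advisory states that all versions prior to 3.9 were affected, so
    3.9 and later are treated as unaffected. A series older than 3.4 has
    no fixed release listed, so it is reported as unpatched.
    """
    major, minor, patch = parse_version(version_text)
    if (major, minor) >= (3, 9):
        return True
    fixed = FIXED_VERSIONS.get((major, minor))
    if fixed is None:
        return False
    return (major, minor, patch) >= fixed


if __name__ == "__main__":
    # Constructed sample inputs, one on each side of a fix boundary.
    for v in ("3.7.5", "3.7.8", "3.8.0", "3.8.1", "3.3.12", "3.9.0"):
        print(v, "patched" if is_patched(v) else "UNPATCHED")
```

The version string to feed in is the one the appliance reports (for example from the management console or the `installed_version` field of the GHES `/api/v3/meta` endpoint); a series that is no longer supported has no fixed release, so the only remediation there is an upgrade to a supported series.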

Organizations should carefully review any secret gists for unintended changes. Strict access management and regular auditing of credentials can help prevent and detect unauthorized access to private code in the future.
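Reviewing secret gists for unintended changes is easiest against a recorded baseline. The script below is an added example (not from the advisory or from GitHub) that compares each secret gist's `updated_at` with the value captured at the last review and also flags revisions whose committer is not the gist owner. The record shape mirrors the fields the GitHub REST API returns for a gist (`id`, `public`, `updated_at`, `owner.login`, and `history[]` with `version`, `committed_at` and `user.login`); the baseline store, the `audit_secret_gists` function and the sample data are constructed for illustration.

```python
"""Added example: flag secret gists modified since a recorded baseline, or
carrying a revision not committed by the owner.

Record fields follow the GitHub REST API gist object; the baseline format
and all sample data below are constructed for illustration.
"""

from datetime import datetime, timezone


def parse_ts(text):
    """Parse the ISO-8601 UTC timestamps the gist API uses ('...Z')."""
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def audit_secret_gists(gists, baseline):
    """Return a list of (gist_id, reason) findings.

    gists:    gist objects as returned by the API, including 'history'
    baseline: dict mapping gist id -> 'updated_at' seen at the last review
    """
    findings = []
    for gist in gists:
        if gist["public"]:
            continue  # only secret gists are in scope for this review
        gid = gist["id"]
        owner = gist["owner"]["login"]
        known = baseline.get(gid)
        if known is None:
            findings.append((gid, "secret gist not present in baseline"))
        elif parse_ts(gist["updated_at"]) > parse_ts(known):
            findings.append((gid, f"modified since baseline ({known} -> {gist['updated_at']})"))
        for rev in gist.get("history", []):
            # 'user' can be null on a revision; treat that as not the owner
            login = (rev.get("user") or {}).get("login")
            if login != owner:
                findings.append(
                    (gid, f"revision {rev['version'][:7]} committed by {login!r}, not owner {owner!r}")
                )
    return findings


# Constructed sample data: one secret gist changed after the baseline with an
# unattributed revision, one public gist (ignored), one new secret gist.
SAMPLE_GISTS = [
    {
        "id": "a1f3e9",
        "public": False,
        "updated_at": "2023-06-01T10:00:00Z",
        "owner": {"login": "alice"},
        "history": [
            {"version": "0a1b2c3d4e5f", "committed_at": "2023-04-20T09:00:00Z", "user": {"login": "alice"}},
            {"version": "9f8e7d6c5b4a", "committed_at": "2023-06-01T10:00:00Z", "user": None},
        ],
    },
    {
        "id": "b2c4d6",
        "public": True,
        "updated_at": "2023-06-02T12:00:00Z",
        "owner": {"login": "alice"},
        "history": [{"version": "1122334455aa", "committed_at": "2023-06-02T12:00:00Z", "user": None}],
    },
    {
        "id": "c3e5f7",
        "public": False,
        "updated_at": "2023-05-30T08:30:00Z",
        "owner": {"login": "alice"},
        "history": [{"version": "aabbccddeeff", "committed_at": "2023-05-30T08:30:00Z", "user": {"login": "alice"}}],
    },
]

BASELINE = {"a1f3e9": "2023-04-20T09:00:00Z"}  # captured at the previous review

if __name__ == "__main__":
    for gist_id, reason in audit_secret_gists(SAMPLE_GISTS, BASELINE):
        print(f"{gist_id}: {reason}")
```

Because an authentication bypass may produce revisions that look attributed to the owner, the timestamp comparison against a baseline taken before the exposure window is the more reliable signal; the committer check is a secondary indicator, not proof of absence. After the review, refresh the baseline from the current `updated_at` values so that the next run only reports new changes.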
