GHES Management console EoP (editor to site admin)
High
G
GitHub
Submitted None
Team Summary
Official summary from GitHub
Improper privilege management in all versions of GitHub Enterprise Server allows users with authorized access to the management console with an editor role to escalate their privileges by making requests to the endpoint used for bootstrapping the instance. [CVE-2023-46647](https://nvd.nist.gov/vuln/detail/CVE-2023-46647)
Actions:
Reported by
imrerad
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Improper Access Control - Generic