Harsh Jaiswal
rootxharsh.bsky.social
Vulnerability Research
First post here! GitHub Enterprise SAML Authentication Bypass (CVE-2024-4985 / CVE-2024-9487)

We dive into GitHub Enterprise’s SAML implementation and explore an authentication bypass in encrypted assertion mode.

projectdiscovery.io/blog/github-...
GitHub Enterprise SAML Authentication Bypass (CVE-2024-4985 / CVE-2024-9487) — ProjectDiscovery Blog
Introduction In light of the recent Ruby-SAML bypass discovered in GitLab, we set out to examine the SAML implementation within GitHub Enterprise. During our research, we identified a significant vul...
projectdiscovery.io
November 13, 2024 at 3:40 PM