CVSS 3.1 Score 8.0 of 10 (high)


Published Dec 21, 2023
Updated: Dec 29, 2023
CWE ID 269


CVE-2023-46647 is a vulnerability that affects all versions of GitHub Enterprise Server. It involves improper privilege management, allowing users with authorized access to the management console with an editor role to escalate their privileges by making requests to the endpoint used for bootstrapping the instance. The affected versions were 3.8.0 and above, but the issue was fixed in versions 3.8.12, 3.9.6, 3.10.3, and 3.11.0 of GitHub Enterprise Server. This vulnerability poses a high risk to organizations as it can lead to unauthorized privilege escalation, potentially compromising sensitive data and system integrity.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-46647 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options