CVE-2023-6746

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Dec 21, 2023

Updated: Dec 16, 2024

CWE ID 532

Summary

CVE-2023-6746 is a log file vulnerability affecting GitHub Enterprise Server back-end services. An adversary in the middle can insert sensitive information into the log files, potentially leading to compromises when combined with phishing techniques. This vulnerability, which affects all versions of GitHub Enterprise Server starting from 3.7, can be exploited by attackers with access to the server's log files, backup archives, or streamed logs. It was addressed in versions 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Github Enterprise Server

Affected Vendors

GitHub

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tyBfNZ
https://www.cve.org/CVERecord?id=CVE-2023-6746
https://nvd.nist.gov/vuln/detail/CVE-2023-6746

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners