PT-2019-8302 · Github · Github Enterprise

Published: 2019-03-28 · Updated: 2019-03-29 · CVE-2017-18365

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise versions 2.8.x through 2.8.6

Description: The vulnerability allows an unauthenticated remote attacker to execute arbitrary code through a deserialization flaw in the Management Console. The enterprise session secret is static and shipped in the product's publicly available source code, so an attacker can forge a session cookie signed with that secret. The console then passes the cookie contents to Marshal.load, and because the Marshal format can carry arbitrary Ruby objects, deserializing attacker-controlled data leads to code execution.

Recommendations: For GitHub Enterprise versions 2.8.x through 2.8.6, update to version 2.8.7 or later. As a temporary workaround, restrict network access to the Management Console to reduce exposure until the update is applied.
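As an added illustration (this is not code from the advisory or from GitHub Enterprise), the two properties the fix depends on, written in plain Ruby: session cookies are signed with an HMAC over a per-deployment secret generated with SecureRandom rather than a constant in the source tree, and the session payload is carried as JSON so that verification yields only strings, numbers, arrays and hashes instead of reconstructed Ruby objects. The cookie layout, the `LEAKED_STATIC_SECRET` stand-in, the helper names and the length threshold in the audit check are assumptions made for this example.

```ruby
require 'openssl'
require 'json'
require 'securerandom'

# Hypothetical stand-in for a secret that was checked into source code.
# Anyone who can read the repository can produce cookies that validate
# against it, which is the condition the advisory describes.
LEAKED_STATIC_SECRET = 'static-secret-from-source-tree'.freeze

# Per-deployment secret: in a real install this is generated once at setup
# and stored outside the source tree. It is generated on the fly here so
# the example runs stand-alone.
DEPLOYMENT_SECRET = SecureRandom.hex(32).freeze

# Constant-time string comparison so MAC verification does not leak
# how many leading bytes matched.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Sign a session hash. Cookie layout (assumed for this example):
#   base64(json) + "--" + hex(HMAC-SHA256(secret, base64(json)))
def sign_session(session, secret)
  payload = [JSON.generate(session)].pack('m0') # strict base64, no newlines
  mac = OpenSSL::HMAC.hexdigest('SHA256', secret, payload)
  "#{payload}--#{mac}"
end

# Verify a cookie. Returns the session hash on success, nil on any failure.
# JSON.parse is used instead of Marshal.load so that even a validly signed
# cookie can only carry plain data, never an arbitrary Ruby object graph.
def verify_session(cookie, secret)
  payload, mac = cookie.to_s.split('--', 2)
  return nil if payload.nil? || mac.nil?
  expected = OpenSSL::HMAC.hexdigest('SHA256', secret, payload)
  return nil unless secure_equal?(mac, expected)
  JSON.parse(payload.unpack1('m0'))
rescue JSON::ParserError, ArgumentError
  nil
end

# Audit helper for a deployed configuration: flags a secret that equals the
# known-static value or is too short to have come from a random generator.
# The 32-byte threshold is an assumption for this example.
def secret_looks_static?(secret)
  secret == LEAKED_STATIC_SECRET || secret.bytesize < 32
end

# Constructed demonstration.
if __FILE__ == $PROGRAM_NAME
  good = sign_session({ 'user' => 'admin', 'role' => 'console' }, DEPLOYMENT_SECRET)
  p verify_session(good, DEPLOYMENT_SECRET)

  # A cookie signed with the leaked static secret is rejected once the
  # deployment uses its own random secret.
  forged = sign_session({ 'user' => 'admin' }, LEAKED_STATIC_SECRET)
  p verify_session(forged, DEPLOYMENT_SECRET)    # => nil

  p secret_looks_static?(LEAKED_STATIC_SECRET)   # => true
  p secret_looks_static?(DEPLOYMENT_SECRET)      # => false
end
```

The `secret_looks_static?` check is the kind of assertion worth running in a deployment health check: if the configured secret matches a value that has ever been published, every cookie the attacker cares to sign is already valid, regardless of how the payload is serialized.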

Exploit

Fix

Weakness Enumeration: Deserialization of Untrusted Data

Related Identifiers: CVE-2017-18365

Affected Products: Github Enterprise