Gitblit Authentication Bypass Vulnerability (CVE-2024-28080)

Overview Recently, NSFOCUS CERT detected that Gitblit issued a security announcement and fixed the Gitblit authentication bypass vulnerability (CVE-2024-28080); Because Gitblit’s SSH service has defects in the public key authentication process, unauthenticated attackers can use the client’s public key to trigger signature verification failure and fall back to password-based authentication to complete SSH login with […]

The post Gitblit Authentication Bypass Vulnerability (CVE-2024-28080) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Gitblit Authentication Bypass Vulnerability (CVE-2024-28080) appeared first on Security Boulevard.