Security misconfiguration vulnerabilities could occur if a component is susceptible to attack due to an insecure configuration option. These vulnerabilities often occur due to insecure default configuration, poorly documented default configuration, or poorly documented side-effects of optional configuration. This could range from failing to set a useful security header on a web server, to forgetting to disable default platform functionality that could grant administrative access to an attacker.
GitHub uses hundreds of different software components, including server software, libraries, and application frameworks. Each of these components has complex configuration options. GitHub relies on extensive automation (configuration management, automated deployment, unit testing) to minimize our risk of misconfiguring a security critical component. If an insecure configuration is identified, we can make a centralized change and add a new test case to ensure we do not regress in the future.
More about security misconfiguration vulnerabilities from OWASP’s Top 10:
Security misconfiguration can happen at any level of an application stack, including the platform, web server, application server, database, framework, and custom code. Developers and system administrators need to work together to ensure that the entire stack is configured properly. Automated scanners are useful for detecting missing patches, misconfigurations, use of default accounts, unnecessary services, etc.
|1||1000 pts Florian Kunushevci Missing authentication on GitHub Enterprise QA deployments|
|2||555 pts Jonathan Walker "Require review from Code Owners" bypass using unverified email addresses|
|3||1000 pts Borja Berastegui Localhost same-site request forgery via GitHub Webhooks|
|4||5000 pts Tanner Repository administrators can bypass repository visibility permissions|
|5||10000 pts Markus Fenske GitHub Enterprise management console remote code execution|