GitHub Rotates Credentials in Response to Vulnerability
Posted: Wed Jan 17, 2024 12:32 pm
Code hosting platform GitHub on Tuesday announced that it has rotated credentials after learning that a vulnerability impacting GitHub.com and GitHub Enterprise Server could expose login information.
The Microsoft-owned platform received the vulnerability report on December 26, 2023, and took immediate action to address the issue and revoke potentially exposed credentials, which led to disruptions between December 27 and 29.
The security defect, which allowed access to credentials within a production container, had no impact beyond the security researcher who identified and reported it, but the platform’s security protocols call for rotating credentials exposed to third-parties.
[...]
GitHub Rotates Credentials in Response to Vulnerability
The Microsoft-owned platform received the vulnerability report on December 26, 2023, and took immediate action to address the issue and revoke potentially exposed credentials, which led to disruptions between December 27 and 29.
The security defect, which allowed access to credentials within a production container, had no impact beyond the security researcher who identified and reported it, but the platform’s security protocols call for rotating credentials exposed to third-parties.
[...]
GitHub Rotates Credentials in Response to Vulnerability