GitHub Personal Access Token approval policy modified
ID: github_token_auto_approve_policy_modified
Data type: GitHub
Severity: Low
MITRE ATT&CK: TA0005:T1562.001
Description
AlphaSOC detected changes to GitHub Personal Access Token (PAT) approval policies. PATs are used for API and command-line authentication to GitHub repositories and resources. Modifying these policies could alter authentication controls and security mechanisms within your GitHub environment.
Impact
Changes to PAT approval policies may allow the creation of tokens without proper oversight, potentially bypassing established security controls. If exploited, modified PAT policies could enable unauthorized access to repositories and resources. Attackers who gain control of PAT policies could use that control to maintain access, access sensitive code, or execute unauthorized workflows.
Severity
| Severity | Condition |
|---|---|
| Low | GitHub Personal Access Token approval policy modified |