CVE-2024-9858 (GCVE-0-2024-9858)
Vulnerability from cvelistv5 – Published: 2024-10-16 08:43 – Updated: 2024-10-16 16:24
VLAI?
Title
Insecure user permissions in Google Cloud Migrate to Containers for Windows
Summary
There exists an insecure default user permission in Google Cloud Migrate to containers from version 1.1.0 to 1.2.2 Windows installs. A local "m2cuser" was greated with administrator privileges. This posed a security risk if the "analyze" or "generate" commands were interrupted or skipping the action to delete the local user “m2cuser”. We recommend upgrading to 1.2.3 or beyond
Severity ?
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Google Cloud | Migrate to Containers |
Affected:
1.1.0 , ≤ 1.2.2
(semver)
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:google_cloud:migrate_to_containers:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "migrate_to_containers",
"vendor": "google_cloud",
"versions": [
{
"lessThanOrEqual": "1.2.2",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-9858",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-16T16:19:21.189547Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T16:24:16.999Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Migrate to Containers",
"vendor": "Google Cloud",
"versions": [
{
"lessThanOrEqual": "1.2.2",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-10-07T22:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There exists an insecure default user permission in Google Cloud Migrate to containers from version 1.1.0 to 1.2.2 Windows installs. A local \"m2cuser\" was greated with\u0026nbsp;administrator privileges. This posed a security risk if the \"analyze\" or \"generate\" commands were interrupted or skipping the action to delete the local user \u201cm2cuser\u201d. We recommend upgrading to\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e1.2.3 or beyond\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "There exists an insecure default user permission in Google Cloud Migrate to containers from version 1.1.0 to 1.2.2 Windows installs. A local \"m2cuser\" was greated with\u00a0administrator privileges. This posed a security risk if the \"analyze\" or \"generate\" commands were interrupted or skipping the action to delete the local user \u201cm2cuser\u201d. We recommend upgrading to\u00a01.2.3 or beyond"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "AUTOMATIC",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L/S:P/AU:Y/R:A/V:D/RE:L/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T08:43:51.015Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://cloud.google.com/migrate/containers/docs/m2c-cli-relnotes#october_8_2024"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insecure user permissions in Google Cloud Migrate to Containers for Windows",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2024-9858",
"datePublished": "2024-10-16T08:43:51.015Z",
"dateReserved": "2024-10-11T11:17:41.006Z",
"dateUpdated": "2024-10-16T16:24:16.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"There exists an insecure default user permission in Google Cloud Migrate to containers from version 1.1.0 to 1.2.2 Windows installs. A local \\\"m2cuser\\\" was greated with\\u00a0administrator privileges. This posed a security risk if the \\\"analyze\\\" or \\\"generate\\\" commands were interrupted or skipping the action to delete the local user \\u201cm2cuser\\u201d. We recommend upgrading to\\u00a01.2.3 or beyond\"}, {\"lang\": \"es\", \"value\": \"Existe un permiso de usuario predeterminado inseguro en las instalaciones de Google Cloud Migrate to Containers desde la versi\\u00f3n 1.1.0 a la 1.2.2 de Windows. Se otorgaron privilegios de administrador a un \\\"m2cuser\\\" local. Esto representaba un riesgo de seguridad si se interrump\\u00edan los comandos \\\"analyze\\\" o \\\"generate\\\" o se omit\\u00eda la acci\\u00f3n de eliminar el usuario local \\\"m2cuser\\\". Recomendamos actualizar a la versi\\u00f3n 1.2.3 o posterior.\"}]",
"id": "CVE-2024-9858",
"lastModified": "2024-10-16T17:35:08.130",
"metrics": "{\"cvssMetricV40\": [{\"source\": \"cve-coordination@google.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:A/V:D/RE:L/U:Green\", \"baseScore\": 5.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"PASSIVE\", \"vulnerableSystemConfidentiality\": \"HIGH\", \"vulnerableSystemIntegrity\": \"LOW\", \"vulnerableSystemAvailability\": \"LOW\", \"subsequentSystemConfidentiality\": \"HIGH\", \"subsequentSystemIntegrity\": \"LOW\", \"subsequentSystemAvailability\": \"LOW\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"PRESENT\", \"automatable\": \"YES\", \"recovery\": \"AUTOMATIC\", \"valueDensity\": \"DIFFUSE\", \"vulnerabilityResponseEffort\": \"LOW\", \"providerUrgency\": \"GREEN\"}}], \"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
"published": "2024-10-16T09:15:03.550",
"references": "[{\"url\": \"https://cloud.google.com/migrate/containers/docs/m2c-cli-relnotes#october_8_2024\", \"source\": \"cve-coordination@google.com\"}]",
"sourceIdentifier": "cve-coordination@google.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"cve-coordination@google.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-276\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-9858\",\"sourceIdentifier\":\"cve-coordination@google.com\",\"published\":\"2024-10-16T09:15:03.550\",\"lastModified\":\"2025-07-30T19:32:10.007\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"There exists an insecure default user permission in Google Cloud Migrate to containers from version 1.1.0 to 1.2.2 Windows installs. A local \\\"m2cuser\\\" was greated with\u00a0administrator privileges. This posed a security risk if the \\\"analyze\\\" or \\\"generate\\\" commands were interrupted or skipping the action to delete the local user \u201cm2cuser\u201d. We recommend upgrading to\u00a01.2.3 or beyond\"},{\"lang\":\"es\",\"value\":\"Existe un permiso de usuario predeterminado inseguro en las instalaciones de Google Cloud Migrate to Containers desde la versi\u00f3n 1.1.0 a la 1.2.2 de Windows. Se otorgaron privilegios de administrador a un \\\"m2cuser\\\" local. Esto representaba un riesgo de seguridad si se interrump\u00edan los comandos \\\"analyze\\\" o \\\"generate\\\" o se omit\u00eda la acci\u00f3n de eliminar el usuario local \\\"m2cuser\\\". Recomendamos actualizar a la versi\u00f3n 1.2.3 o posterior.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:A/V:D/RE:L/U:Green\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"PASSIVE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"LOW\",\"subAvailabilityImpact\":\"LOW\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"PRESENT\",\"Automatable\":\"YES\",\"Recovery\":\"AUTOMATIC\",\"valueDensity\":\"DIFFUSE\",\"vulnerabilityResponseEffort\":\"LOW\",\"providerUrgency\":\"GREEN\"}}],\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-276\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:migrate_to_containers:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.0\",\"versionEndExcluding\":\"1.2.3\",\"matchCriteriaId\":\"59E1CC0F-79D1-4C58-BDBB-77FB8E057C6F\"}]}]}],\"references\":[{\"url\":\"https://cloud.google.com/migrate/containers/docs/m2c-cli-relnotes#october_8_2024\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-9858\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-16T16:19:21.189547Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:google_cloud:migrate_to_containers:*:*:*:*:*:*:*:*\"], \"vendor\": \"google_cloud\", \"product\": \"migrate_to_containers\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.1.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.2.2\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-16T16:24:04.455Z\"}}], \"cna\": {\"title\": \"Insecure user permissions in Google Cloud Migrate to Containers for Windows\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-233\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-233 Privilege Escalation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"PRESENT\", \"version\": \"4.0\", \"Recovery\": \"AUTOMATIC\", \"baseScore\": 5.9, \"Automatable\": \"YES\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"DIFFUSE\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L/S:P/AU:Y/R:A/V:D/RE:L/U:Green\", \"providerUrgency\": \"GREEN\", \"userInteraction\": \"PASSIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"HIGH\", \"subIntegrityImpact\": \"LOW\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"LOW\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Google Cloud\", \"product\": \"Migrate to Containers\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.1.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.2.2\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2024-10-07T22:00:00.000Z\", \"references\": [{\"url\": \"https://cloud.google.com/migrate/containers/docs/m2c-cli-relnotes#october_8_2024\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"There exists an insecure default user permission in Google Cloud Migrate to containers from version 1.1.0 to 1.2.2 Windows installs. A local \\\"m2cuser\\\" was greated with\\u00a0administrator privileges. This posed a security risk if the \\\"analyze\\\" or \\\"generate\\\" commands were interrupted or skipping the action to delete the local user \\u201cm2cuser\\u201d. We recommend upgrading to\\u00a01.2.3 or beyond\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"There exists an insecure default user permission in Google Cloud Migrate to containers from version 1.1.0 to 1.2.2 Windows installs. A local \\\"m2cuser\\\" was greated with\u0026nbsp;administrator privileges. This posed a security risk if the \\\"analyze\\\" or \\\"generate\\\" commands were interrupted or skipping the action to delete the local user \\u201cm2cuser\\u201d. We recommend upgrading to\u0026nbsp;\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e1.2.3 or beyond\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-276\", \"description\": \"CWE-276 Incorrect Default Permissions\"}]}], \"providerMetadata\": {\"orgId\": \"14ed7db2-1595-443d-9d34-6215bf890778\", \"shortName\": \"Google\", \"dateUpdated\": \"2024-10-16T08:43:51.015Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-9858\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-16T16:24:16.999Z\", \"dateReserved\": \"2024-10-11T11:17:41.006Z\", \"assignerOrgId\": \"14ed7db2-1595-443d-9d34-6215bf890778\", \"datePublished\": \"2024-10-16T08:43:51.015Z\", \"assignerShortName\": \"Google\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…