ГлавнаяУязвимости → CVE-2024-9858
7.8высокая

CVE-2024-9858

→ есть в БДУ: BDU:2024-08690 (на русском)
Описание (на английском; русское — в БДУ выше)

There exists an insecure default user permission in Google Cloud Migrate to containers from version 1.1.0 to 1.2.2 Windows installs. A local "m2cuser" was greated with administrator privileges. This posed a security risk if the "analyze" or "generate" commands were interrupted or skipping the action to delete the local user “m2cuser”. We recommend upgrading to 1.2.3 or beyond

Затрагиваемое ПО
Google Migrate to containers
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://cloud.google.com/migrate/containers/docs/m2c-cli-relnotes#october_8_2024