CVE Published: 16/10/2024 |
CVE Updated: 16/10/2024 |
CVE Year: 2024 Source: Google |
Vendor: Google Cloud |
Product: Migrate to Containers Status : PUBLISHED
CVE-2024-9858 Description
There exists an insecure default user permission in Google Cloud Migrate to containers from version 1.1.0 to 1.2.2 Windows installs. A local "m2cuser" was greated with administrator privileges. This posed a security risk if the "analyze" or "generate" commands were interrupted or skipping the action to delete the local user “m2cuser”. We recommend upgrading to 1.2.3 or beyond