Privilege Escalation Vulnerability in MinIO Object Storage Solution
CVE-2024-55949
Currently unrated
What is CVE-2024-55949?
CVE-2024-55949 is a critical privilege escalation vulnerability found in MinIO, a leading S3 compatible object storage solution. The flaw affects all users of MinIO due to a bug introduced in commit 580d9db85e04f1b63cc2909af50f0ed08afa965f. This vulnerability allows unauthorized access, leading to potential privilege escalation within the IAM import API. Users are strongly urged to upgrade to the latest version, released on December 13, 2024, which addresses this critical issue. Because no workarounds exist, immediate action is essential to protect sensitive data and maintain system integrity.