Privilege Escalation Vulnerability in OpenObserve Cloud-Native Observability Platform
CVE-2024-55954
8.7 HIGH
Key Information:
- Vendor: Openobserve
- CVE Published: 16 January 2025
Summary
A high-severity vulnerability in OpenObserve allows users holding the 'Admin' role to remove 'Root' users from their organization through the /api/{org_id}/users/{email_id} endpoint. The remove_user_from_org function does not properly check roles: the caller's Admin role is accepted as sufficient, and the role of the user being removed is not taken into account, so an Admin can delete the organization's Root users. Since Root is the highest level of control in the system, an attacker who holds or obtains an Admin account can remove the Root users and thereby take effective full control of the organization. The issue is fixed in version 0.14.1; there are no known workarounds, so affected deployments should upgrade.
Affected Version(s)
openobserve < 0.14.1
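To make the missing check concrete, here is an added illustration written for this page; it is not OpenObserve's code and makes no claim about how the real remove_user_from_org is written. It models the vulnerable shape described in the summary (the handler verifies only that the caller is at least Admin) next to a hardened shape that also compares the target's role with the caller's, so only Root can remove Root. The Role and Org types, the function names, the e-mail addresses and the extra "never remove the last Root" guard are all assumptions made for the example.

```rust
// Added illustration, not OpenObserve's code: a minimal model of the role
// check that CVE-2024-55954 describes as missing. Role names, types and the
// sample organization are assumptions for the example.

/// Roles ordered by privilege: Member < Admin < Root.
#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum Role {
    Member,
    Admin,
    Root,
}

#[derive(Debug, PartialEq, Eq)]
pub enum RemoveError {
    Forbidden(&'static str),
    NotFound,
}

/// Organization membership: (email, role) pairs.
pub struct Org {
    pub members: Vec<(String, Role)>,
}

impl Org {
    pub fn role_of(&self, email: &str) -> Option<Role> {
        self.members.iter().find(|(e, _)| e == email).map(|(_, r)| *r)
    }

    fn remove(&mut self, email: &str) -> Result<(), RemoveError> {
        let idx = self
            .members
            .iter()
            .position(|(e, _)| e == email)
            .ok_or(RemoveError::NotFound)?;
        self.members.remove(idx);
        Ok(())
    }
}

/// Vulnerable shape: only checks that the caller is at least Admin and never
/// looks at the target's role, so an Admin can remove a Root user.
pub fn remove_user_vulnerable(org: &mut Org, actor: &str, target: &str) -> Result<(), RemoveError> {
    let actor_role = org.role_of(actor).ok_or(RemoveError::NotFound)?;
    if actor_role < Role::Admin {
        return Err(RemoveError::Forbidden("caller must be Admin or Root"));
    }
    org.remove(target)
}

/// Hardened shape: additionally refuses to remove a user whose role outranks
/// the caller's, so only Root can remove Root. The last-Root guard is an
/// assumed extra safeguard, not something the advisory describes.
pub fn remove_user_hardened(org: &mut Org, actor: &str, target: &str) -> Result<(), RemoveError> {
    let actor_role = org.role_of(actor).ok_or(RemoveError::NotFound)?;
    if actor_role < Role::Admin {
        return Err(RemoveError::Forbidden("caller must be Admin or Root"));
    }
    let target_role = org.role_of(target).ok_or(RemoveError::NotFound)?;
    if target_role > actor_role {
        return Err(RemoveError::Forbidden("cannot remove a user with a higher role"));
    }
    let root_count = org.members.iter().filter(|(_, r)| *r == Role::Root).count();
    if target_role == Role::Root && root_count == 1 {
        return Err(RemoveError::Forbidden("cannot remove the last Root user"));
    }
    org.remove(target)
}

/// Constructed sample organization with one user per role.
pub fn sample_org() -> Org {
    Org {
        members: vec![
            ("root@example.com".to_string(), Role::Root),
            ("admin@example.com".to_string(), Role::Admin),
            ("member@example.com".to_string(), Role::Member),
        ],
    }
}

fn main() {
    let mut vulnerable = sample_org();
    let mut hardened = sample_org();
    println!(
        "vulnerable: admin removes root -> {:?}",
        remove_user_vulnerable(&mut vulnerable, "admin@example.com", "root@example.com")
    );
    println!(
        "hardened:   admin removes root -> {:?}",
        remove_user_hardened(&mut hardened, "admin@example.com", "root@example.com")
    );
}
```

The point of the comparison is that an authorization check on the caller alone is not enough for a destructive action on another principal; the check must also consider the target's privilege level relative to the caller's, which is what the hardened version adds.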
CVSS v3.1
- Score: 8.7
- Severity: HIGH
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: High
- User Interaction: None
- Scope: Changed
- Confidentiality: High
- Integrity: High
- Availability: High
Note: Privileges Required: High reflects the Admin role an attacker must already hold. The metrics listed correspond to the vector AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H, which evaluates to 9.1 under the CVSS v3.1 formula rather than 8.7, so the score and the metric breakdown shown here do not come from the same calculation; check the vendor advisory for the authoritative vector.
Timeline
- Vulnerability reserved
- Vulnerability published: 16 January 2025