Insecure Default User Permission in Google Cloud Migrate
CVE-2024-9858

Currently unrated

Key Information:

Vendor
CVE Published:
16 October 2024

What is CVE-2024-9858?

There exists an insecure default user permission in Google Cloud Migrate to containers from version 1.1.0 to 1.2.2 Windows installs. A local "m2cuser" was greated with administrator privileges. This posed a security risk if the "analyze" or "generate" commands were interrupted or skipping the action to delete the local user “m2cuser”. We recommend upgrading to 1.2.3 or beyond

References

Timeline

  • Vulnerability published

.
CVE-2024-9858 : Insecure Default User Permission in Google Cloud Migrate