Platform
go
Component
github.com/minio/minio
Fixed in
2022.0.1
0.0.0-20241213221912-68b004a48f41
CVE-2024-55949 is a privilege escalation vulnerability in MinIO, a widely used S3-compatible object storage server. The flaw lies in the IAM (Identity and Access Management) import API and allows a user to obtain privileges beyond those their IAM configuration grants. It affects builds prior to Go pseudo-version 0.0.0-20241213221912-68b004a48f41 (server release RELEASE.2024-12-13T22-19-12Z), which contains the fix.
Successful exploitation of CVE-2024-55949 could allow an attacker to bypass access controls and gain administrative privileges within the MinIO deployment, leading to unauthorized reading, modification, or deletion of stored objects and affecting every application that relies on MinIO for storage. The impact is most severe where MinIO holds sensitive data or sits at the center of a larger infrastructure: a compromised instance can be used for data exfiltration or as a stepping stone for lateral movement within the network.
CVE-2024-55949 was publicly disclosed on December 18, 2024. There is currently no indication of active exploitation in the wild, but the vulnerability's nature and potential impact warrant immediate attention. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not yet widely available, but the ease of exploitation once a PoC is released could lead to rapid adoption by malicious actors.
Organizations that rely heavily on MinIO for object storage, particularly those storing sensitive data or integrating MinIO with critical applications, are at significant risk. Deployments with weak IAM policies or loose access controls are especially exposed, as are shared environments where multiple tenants use one MinIO instance, since an escalation by one tenant affects all of them.
• linux / server: Monitor MinIO logs for unusual IAM import requests or errors. If MinIO runs as a systemd unit named minio, filter its journal for relevant entries:
journalctl -u minio | grep -i "IAM import"
MinIO's audit log (delivered to a configured audit webhook or Kafka target) records admin API calls together with the caller's access key, which is a more reliable source than grepping the server log for a free-text string.
• go / supply-chain: Examine the MinIO code for the IAM import API functions. Look for missing input validation or access-control checks, and compare the handler before and after commit 68b004a48f41.
• generic web: If the IAM import API endpoint is exposed, use curl to test whether it is reachable. MinIO admin API requests must be signed with the caller's access key (AWS Signature V4), so an unsigned request only shows whether the endpoint answers, not whether its privilege check is correct; an admin API reachable from an untrusted network is a finding in itself.
curl -v -X POST -d '...' <minio_instance>/iam/import
Disclosure
Exploit status
EPSS
0.30% (54th percentile)
CISA SSVC
The primary mitigation for CVE-2024-55949 is to upgrade to version 0.0.0-20241213221912-68b004a48f41 or later. Before upgrading, review the MinIO release notes for any potential breaking changes and test the upgrade in a non-production environment. If a direct upgrade is not immediately feasible, consider restricting access to the IAM import API to trusted sources only, and implement robust authentication and authorization controls to limit the potential impact of a successful attack. Monitor MinIO logs for any suspicious activity related to the IAM import API.
Update MinIO to version RELEASE.2024-12-13T22-19-12Z or later. This update fixes a privilege escalation vulnerability in the IAM import API. Updating immediately is recommended to mitigate the risk.
CVE-2024-55949 is a vulnerability in MinIO's IAM import API that allows attackers to gain elevated privileges, potentially compromising the entire storage system. It has a CVSS score of 7.5 (HIGH).
You are affected if you are running MinIO versions prior to 0.0.0-20241213221912-68b004a48f41. Assess your MinIO deployment immediately.
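The version check described here, as an added example that is not part of this page or of the MinIO project: a small Go program that decides whether a MinIO version predates the fix. It handles the two forms that appear on this page, the Go pseudo-version used in go.mod (v0.0.0-20241213221912-68b004a48f41) and the server's own RELEASE tag (RELEASE.2024-12-13T22-19-12Z), both of which embed the UTC timestamp of the build commit, and it scans a go.mod for the github.com/minio/minio requirement. The sample go.mod and its commit hash are constructed for the example.

```go
// Added example (not MinIO project code): decide whether a MinIO version
// string predates the CVE-2024-55949 fix. Accepts the Go pseudo-version form
// used in go.mod (v0.0.0-20241213221912-68b004a48f41) and the server's own
// RELEASE tag form (RELEASE.2024-12-13T22-19-12Z); both embed the UTC
// timestamp of the build commit, which is what gets compared.
package main

import (
	"bufio"
	"errors"
	"fmt"
	"regexp"
	"strings"
	"time"
)

// fixTime is the commit time of the fix, 2024-12-13 22:19:12 UTC, as encoded
// in both the fixed pseudo-version and the fixed RELEASE tag on this page.
var fixTime = time.Date(2024, 12, 13, 22, 19, 12, 0, time.UTC)

var (
	// Go pseudo-version: vX.Y.Z[-prerelease][.0]-yyyymmddhhmmss-<12 hex>.
	// The 14 digits directly before the commit hash are the commit timestamp.
	pseudoRe = regexp.MustCompile(`^v?\d+\.\d+\.\d+(?:-.*)?[-.](\d{14})-[0-9a-f]{12}$`)
	// MinIO release tag, e.g. RELEASE.2024-12-13T22-19-12Z; left unanchored so
	// the output of `minio --version` can be passed in unchanged.
	releaseRe = regexp.MustCompile(`RELEASE\.(\d{4}-\d{2}-\d{2}T\d{2}-\d{2}-\d{2})Z`)
)

// VersionTime extracts the UTC commit timestamp embedded in v.
func VersionTime(v string) (time.Time, error) {
	v = strings.TrimSpace(v)
	if m := pseudoRe.FindStringSubmatch(v); m != nil {
		return time.Parse("20060102150405", m[1])
	}
	if m := releaseRe.FindStringSubmatch(v); m != nil {
		return time.Parse("2006-01-02T15-04-05", m[1])
	}
	return time.Time{}, fmt.Errorf("unrecognised MinIO version %q", v)
}

// IsAffected reports whether v predates the fix. Caveat: a pseudo-version's
// timestamp is the commit date, so a build from a side branch that postdates
// 2024-12-13 but does not contain commit 68b004a48f41 is reported as fixed;
// for such builds confirm ancestry in git rather than trusting the date.
func IsAffected(v string) (bool, error) {
	t, err := VersionTime(v)
	if err != nil {
		return false, err
	}
	return t.Before(fixTime), nil
}

// AffectedInGoMod scans go.mod text for the github.com/minio/minio requirement
// and reports its version and whether it is affected. replace directives and
// comment lines are skipped, so a replaced module must be checked against the
// replacement's version separately.
func AffectedInGoMod(gomod string) (version string, affected bool, err error) {
	const module = "github.com/minio/minio"
	sc := bufio.NewScanner(strings.NewReader(gomod))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if strings.HasPrefix(line, "//") || strings.Contains(line, "=>") {
			continue
		}
		f := strings.Fields(line)
		for i := 0; i+1 < len(f); i++ {
			if f[i] == module {
				affected, err = IsAffected(f[i+1])
				return f[i+1], affected, err
			}
		}
	}
	return "", false, errors.New("github.com/minio/minio is not required in go.mod")
}

// sampleGoMod is a constructed go.mod fragment; the pseudo-version's commit
// hash is a placeholder, only its timestamp (2024-11-07) matters here.
const sampleGoMod = `module example.com/app

go 1.22

require (
	github.com/minio/minio v0.0.0-20241107005220-abcdefabcdef // indirect
	github.com/minio/minio-go/v7 v7.0.80
)
`

func main() {
	for _, v := range []string{
		"v0.0.0-20241213221912-68b004a48f41",
		"RELEASE.2024-12-13T22-19-12Z",
		"minio version RELEASE.2024-11-07T00-52-20Z", // constructed --version output
	} {
		aff, err := IsAffected(v)
		fmt.Printf("%-45s affected=%v err=%v\n", v, aff, err)
	}
	ver, aff, err := AffectedInGoMod(sampleGoMod)
	fmt.Printf("go.mod: %s affected=%v err=%v\n", ver, aff, err)
}
```

Run it against `minio --version` output on each server and against the go.mod of every Go service that embeds MinIO; an error from VersionTime means the version string is in a form the check does not understand and should be inspected by hand rather than assumed fixed.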
Upgrade to version 0.0.0-20241213221912-68b004a48f41 or later. Test the upgrade thoroughly in a non-production environment first.
There is currently no evidence of active exploitation in the wild, but the vulnerability's potential impact warrants immediate remediation.
Refer to the official MinIO security advisory for detailed information and updates: [https://min.io/security/advisories/CVE-2024-55949](https://min.io/security/advisories/CVE-2024-55949)