CVE-2022-24842

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-24842
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-24842.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-24842
Aliases
Published
2022-04-12T18:15:09Z
Modified
2024-10-12T09:19:29.020736Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. A security issue was found where an non-admin user is able to create service accounts for root or other admin users and then is able to assume their access policies via the generated credentials. This in turn allows the user to escalate privilege to that of the root user. This vulnerability has been resolved in pull request #14729 and is included in RELEASE.2022-04-12T06-55-35Z. Users unable to upgrade may workaround this issue by explicitly adding a admin:CreateServiceAccount deny policy, however, this, in turn, denies the user the ability to create their own service accounts as well.

References

Affected packages

Git / github.com/minio/minio

Affected ranges

Type
GIT
Repo
https://github.com/minio/minio
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
66b14a0d32684d527ae8018dc6d9d46ccce58ae3

Affected versions

OFFICIAL.*

OFFICIAL.2016-02-08T00-12-28Z

RELEASE.*

RELEASE.2016-03-11T03-45-50Z
RELEASE.2016-03-21T21-08-51Z
RELEASE.2016-04-14T18-38-10Z
RELEASE.2016-06-03T19-32-05Z
RELEASE.2016-07-13T21-46-05Z
RELEASE.2016-08-16T23-19-45Z
RELEASE.2016-08-21T02-44-47Z
RELEASE.2016-09-11T17-42-18Z
RELEASE.2016-12-12T18-35-43Z
RELEASE.2016-12-12T23-44-33Z
RELEASE.2016-12-13T17-19-42Z
RELEASE.2017-08-05T00-00-53Z
RELEASE.2017-09-29T19-16-56Z
RELEASE.2017-10-27T18-59-02Z
RELEASE.2017-11-22T19-55-46Z
RELEASE.2017-12-28T01-21-00Z
RELEASE.2018-01-02T23-07-00Z
RELEASE.2018-01-18T20-33-21Z
RELEASE.2018-02-09T22-40-05Z
RELEASE.2018-03-12T21-25-28Z
RELEASE.2018-03-16T22-52-12Z
RELEASE.2018-03-19T19-22-06Z
RELEASE.2018-03-28T23-45-53Z
RELEASE.2018-03-30T00-38-44Z
RELEASE.2018-04-04T05-20-54Z
RELEASE.2018-04-12T23-41-09Z
RELEASE.2018-04-19T22-54-58Z
RELEASE.2018-04-27T23-33-52Z
RELEASE.2018-05-04T23-13-12Z
RELEASE.2018-05-10T00-00-42Z
RELEASE.2018-05-11T00-29-24Z
RELEASE.2018-05-16T23-35-33Z
RELEASE.2018-05-25T19-49-13Z
RELEASE.2018-06-07T19-10-07Z
RELEASE.2018-06-08T03-49-38Z
RELEASE.2018-06-09T03-43-35Z
RELEASE.2018-06-22T23-48-46Z
RELEASE.2018-06-29T02-11-29Z
RELEASE.2018-07-10T01-42-11Z
RELEASE.2018-07-13T00-09-07Z
RELEASE.2018-07-23T18-34-49Z
RELEASE.2018-07-31T02-11-47Z
RELEASE.2018-08-02T23-11-36Z
RELEASE.2018-08-18T03-49-57Z
RELEASE.2018-08-21T00-37-20Z
RELEASE.2018-08-25T01-56-38Z
RELEASE.2018-09-01T00-38-25Z
RELEASE.2018-09-11T01-39-21Z
RELEASE.2018-09-12T18-49-56Z
RELEASE.2018-09-25T21-34-43Z
RELEASE.2018-10-05T01-03-03Z
RELEASE.2018-10-06T00-15-16Z
RELEASE.2018-10-18T00-28-58Z
RELEASE.2018-10-25T01-27-03Z
RELEASE.2018-11-06T01-01-02Z
RELEASE.2018-11-15T01-26-07Z
RELEASE.2018-11-17T01-23-48Z
RELEASE.2018-11-22T02-51-56Z
RELEASE.2018-11-30T03-56-59Z
RELEASE.2018-12-06T01-27-43Z
RELEASE.2018-12-13T02-04-19Z
RELEASE.2018-12-19T23-46-24Z
RELEASE.2018-12-27T18-33-08Z
RELEASE.2019-01-10T00-21-20Z
RELEASE.2019-01-16T21-44-08Z
RELEASE.2019-01-23T23-18-58Z
RELEASE.2019-01-31T00-31-19Z
RELEASE.2019-02-06T21-16-36Z
RELEASE.2019-02-12T21-58-47Z
RELEASE.2019-02-14T00-21-45Z
RELEASE.2019-02-20T22-44-29Z
RELEASE.2019-02-26T19-51-46Z
RELEASE.2019-03-06T22-47-10Z
RELEASE.2019-03-13T21-59-47Z
RELEASE.2019-03-20T22-38-47Z
RELEASE.2019-03-27T22-35-21Z
RELEASE.2019-04-04T18-31-46Z
RELEASE.2019-04-09T01-22-30Z
RELEASE.2019-04-18T01-15-57Z
RELEASE.2019-04-18T21-44-59Z
RELEASE.2019-04-23T23-50-36Z
RELEASE.2019-05-02T19-07-09Z
RELEASE.2019-05-14T23-57-45Z
RELEASE.2019-05-23T00-29-34Z
RELEASE.2019-06-01T03-46-14Z
RELEASE.2019-06-04T01-15-58Z
RELEASE.2019-06-11T00-44-33Z
RELEASE.2019-06-13T01-41-13Z
RELEASE.2019-06-15T23-07-18Z
RELEASE.2019-06-19T18-24-42Z
RELEASE.2019-06-27T21-13-50Z
RELEASE.2019-07-05T21-20-21Z
RELEASE.2019-07-10T00-34-56Z
RELEASE.2019-07-17T22-54-12Z
RELEASE.2019-07-24T02-02-23Z
RELEASE.2019-07-31T18-57-56Z
RELEASE.2019-08-01T22-18-54Z
RELEASE.2019-08-07T01-59-21Z
RELEASE.2019-08-14T20-37-41Z
RELEASE.2019-08-21T19-40-07Z
RELEASE.2019-08-29T00-25-01Z
RELEASE.2019-09-05T23-24-38Z
RELEASE.2019-09-11T19-53-16Z
RELEASE.2019-09-18T21-55-05Z
RELEASE.2019-09-25T18-25-51Z
RELEASE.2019-09-26T19-42-35Z
RELEASE.2019-10-02T21-19-38Z
RELEASE.2019-10-11T00-38-09Z
RELEASE.2019-10-12T01-39-57Z
RELEASE.2019-12-17T23-16-33Z
RELEASE.2019-12-19T22-52-26Z
RELEASE.2019-12-24T23-04-45Z
RELEASE.2019-12-30T05-45-39Z
RELEASE.2020-01-03T19-12-21Z
RELEASE.2020-01-16T03-05-44Z
RELEASE.2020-01-16T22-40-29Z
RELEASE.2020-01-25T02-50-51Z
RELEASE.2020-02-07T04-56-50Z
RELEASE.2020-02-07T23-28-16Z
RELEASE.2020-02-20T22-51-23Z
RELEASE.2020-02-27T00-23-05Z
RELEASE.2020-03-05T01-04-19Z
RELEASE.2020-03-06T22-23-56Z
RELEASE.2020-03-09T18-26-53Z
RELEASE.2020-03-14T02-21-58Z
RELEASE.2020-03-19T21-49-00Z
RELEASE.2020-03-25T07-03-04Z
RELEASE.2020-04-02T21-34-49Z
RELEASE.2020-04-04T05-39-31Z
RELEASE.2020-04-10T03-34-42Z
RELEASE.2020-04-15T00-39-01Z
RELEASE.2020-04-15T19-42-18Z
RELEASE.2020-04-22T00-11-12Z
RELEASE.2020-04-23T00-58-49Z
RELEASE.2020-04-28T23-56-56Z
RELEASE.2020-05-01T22-19-14Z
RELEASE.2020-05-06T23-23-25Z
RELEASE.2020-05-08T02-40-49Z
RELEASE.2020-05-16T01-33-21Z
RELEASE.2020-05-28T23-29-21Z
RELEASE.2020-05-29T14-08-49Z
RELEASE.2020-06-01T17-28-03Z
RELEASE.2020-06-03T22-13-49Z
RELEASE.2020-06-12T00-06-19Z
RELEASE.2020-07-11T06-07-16Z
RELEASE.2020-07-11T21-14-23Z
RELEASE.2020-07-12T19-14-17Z
RELEASE.2020-07-13T18-09-56Z
RELEASE.2020-07-14T19-14-30Z
RELEASE.2020-07-18T18-48-16Z
RELEASE.2020-07-20T02-25-16Z
RELEASE.2020-07-22T00-26-33Z
RELEASE.2020-07-24T22-43-05Z
RELEASE.2020-07-27T18-37-02Z
RELEASE.2020-07-31T03-39-05Z
RELEASE.2020-08-04T23-10-51Z
RELEASE.2020-08-05T21-34-13Z
RELEASE.2020-08-07T01-23-07Z
RELEASE.2020-08-08T04-50-06Z
RELEASE.2020-08-13T02-39-50Z
RELEASE.2020-08-16T18-39-38Z
RELEASE.2020-08-18T19-41-00Z
RELEASE.2020-08-25T00-21-20Z
RELEASE.2020-08-26T00-00-49Z
RELEASE.2020-08-27T05-16-20Z
RELEASE.2020-09-02T18-19-50Z
RELEASE.2020-09-05T07-14-49Z
RELEASE.2020-09-08T23-05-18Z
RELEASE.2020-09-10T22-02-45Z
RELEASE.2020-09-16T04-22-35Z
RELEASE.2020-09-17T04-49-20Z
RELEASE.2020-09-21T22-31-59Z
RELEASE.2020-09-23T19-18-30Z
RELEASE.2020-09-26T03-44-56Z
RELEASE.2020-10-03T02-19-42Z
RELEASE.2020-10-09T22-55-05Z
RELEASE.2020-10-12T21-53-21Z
RELEASE.2020-10-18T21-54-12Z
RELEASE.2020-10-27T04-03-55Z
RELEASE.2020-10-28T08-16-50Z
RELEASE.2020-11-06T23-17-07Z
RELEASE.2020-11-10T21-02-24Z
RELEASE.2020-11-12T22-33-34Z
RELEASE.2020-11-13T20-10-18Z
RELEASE.2020-11-19T23-48-16Z
RELEASE.2020-11-25T22-36-25Z
RELEASE.2020-12-03T00-03-10Z
RELEASE.2020-12-03T05-49-24Z
RELEASE.2020-12-10T01-54-29Z
RELEASE.2020-12-12T08-39-07Z
RELEASE.2020-12-16T05-05-17Z
RELEASE.2020-12-18T03-27-42Z
RELEASE.2020-12-23T02-24-12Z
RELEASE.2020-12-26T01-35-54Z
RELEASE.2020-12-29T23-29-29Z
RELEASE.2021-01-05T05-22-38Z
RELEASE.2021-01-08T21-18-21Z
RELEASE.2021-01-16T02-19-44Z
RELEASE.2021-01-30T00-20-58Z
RELEASE.2021-02-01T22-56-52Z
RELEASE.2021-02-07T01-31-02Z
RELEASE.2021-02-11T08-23-43Z
RELEASE.2021-02-14T04-01-33Z
RELEASE.2021-02-19T04-38-02Z
RELEASE.2021-02-23T20-05-01Z
RELEASE.2021-02-24T18-44-45Z
RELEASE.2021-03-01T04-20-55Z
RELEASE.2021-03-04T00-53-13Z
RELEASE.2021-03-10T05-11-33Z
RELEASE.2021-03-12T00-00-47Z
RELEASE.2021-03-17T02-33-02Z
RELEASE.2021-03-26T00-00-41Z
RELEASE.2021-04-18T19-26-29Z
RELEASE.2021-04-22T15-44-28Z
RELEASE.2021-05-11T23-27-41Z
RELEASE.2021-05-16T05-32-34Z
RELEASE.2021-05-18T00-53-28Z
RELEASE.2021-05-20T22-31-44Z
RELEASE.2021-05-22T02-34-39Z
RELEASE.2021-05-26T00-22-46Z
RELEASE.2021-05-27T22-06-31Z
RELEASE.2021-06-07T21-40-51Z
RELEASE.2021-06-09T18-51-39Z
RELEASE.2021-06-14T01-29-23Z
RELEASE.2021-06-17T00-10-46Z
RELEASE.2021-07-08T01-15-01Z
RELEASE.2021-07-08T19-43-25Z
RELEASE.2021-07-12T02-44-53Z
RELEASE.2021-07-15T22-27-34Z
RELEASE.2021-07-21T22-15-23Z
RELEASE.2021-07-22T05-23-32Z
RELEASE.2021-07-27T02-40-15Z
RELEASE.2021-07-30T00-02-00Z
RELEASE.2021-08-05T22-01-19Z
RELEASE.2021-08-17T20-53-08Z
RELEASE.2021-08-20T18-32-01Z
RELEASE.2021-08-25T00-41-18Z
RELEASE.2021-08-31T05-46-54Z
RELEASE.2021-09-03T03-56-13Z
RELEASE.2021-09-09T21-37-07Z
RELEASE.2021-09-15T04-54-25Z
RELEASE.2021-09-18T18-09-59Z
RELEASE.2021-09-23T04-46-24Z
RELEASE.2021-09-24T00-24-24Z
RELEASE.2021-10-02T16-31-05Z
RELEASE.2021-10-06T23-36-31Z
RELEASE.2021-10-08T23-58-24Z
RELEASE.2021-10-10T16-53-30Z
RELEASE.2021-10-13T00-23-17Z
RELEASE.2021-10-23T03-28-24Z
RELEASE.2021-10-27T16-29-42Z
RELEASE.2021-11-03T03-36-36Z
RELEASE.2021-11-05T09-16-26Z
RELEASE.2021-11-09T03-21-45Z
RELEASE.2021-11-24T23-19-33Z
RELEASE.2021-12-09T06-19-41Z
RELEASE.2021-12-10T23-03-39Z
RELEASE.2021-12-18T04-42-33Z
RELEASE.2021-12-20T22-07-16Z
RELEASE.2021-12-27T07-23-18Z
RELEASE.2021-12-29T06-49-06Z
RELEASE.2022-01-03T18-22-58Z
RELEASE.2022-01-04T07-41-07Z
RELEASE.2022-01-07T01-53-23Z
RELEASE.2022-01-08T03-11-54Z
RELEASE.2022-01-25T19-56-04Z
RELEASE.2022-01-27T03-53-02Z
RELEASE.2022-01-28T02-28-16Z
RELEASE.2022-02-01T18-00-14Z
RELEASE.2022-02-05T04-40-59Z
RELEASE.2022-02-07T08-17-33Z
RELEASE.2022-02-12T00-51-25Z
RELEASE.2022-02-16T00-35-27Z
RELEASE.2022-02-17T23-22-26Z
RELEASE.2022-02-18T01-50-10Z
RELEASE.2022-02-24T22-12-01Z
RELEASE.2022-02-26T02-54-46Z
RELEASE.2022-03-03T21-21-16Z
RELEASE.2022-03-05T06-32-39Z
RELEASE.2022-03-08T22-28-51Z
RELEASE.2022-03-11T11-08-23Z
RELEASE.2022-03-11T23-57-45Z
RELEASE.2022-03-14T18-25-24Z
RELEASE.2022-03-17T02-57-36Z
RELEASE.2022-03-17T06-34-49Z
RELEASE.2022-03-22T02-05-10Z
RELEASE.2022-03-24T00-43-44Z
RELEASE.2022-03-26T06-49-28Z
RELEASE.2022-04-01T03-41-39Z
RELEASE.2022-04-08T19-44-35Z
RELEASE.2022-04-09T15-09-52Z

Other

release-1434511043