{"vulnerability": "GHSA-m8gj-6r85-3r6m", "sightings": [{"uuid": "5ce0c9d9-d510-42b0-9d3b-b5416dbe64a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-m8gj-6r85-3r6m", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113839713874243661", "content": "", "creation_timestamp": "2025-01-16T19:36:21.537197Z"}, {"uuid": "91b12c95-3c9a-4b78-8b3b-4de6a7b15378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-M8GJ-6R85-3R6M", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2020", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55954\n\ud83d\udd39 Description: OpenObserve is a cloud-native observability platform. A vulnerability in the user management endpoint `/api/{org_id}/users/{email_id}` allows an \"Admin\" role user to remove a \"Root\" user from the organization. This violates the intended privilege hierarchy, enabling a non-root user to remove the highest-privileged account. Due to insufficient role checks, the `remove_user_from_org` function does not prevent an \"Admin\" user from removing a \"Root\" user. As a result, an attacker with an \"Admin\" role can remove critical \"Root\" users, potentially gaining effective full control by eliminating the highest-privileged accounts. The `DELETE /api/{org_id}/users/{email_id}` endpoint is affected. This issue has been addressed in release version `0.14.1` and all users are advised to upgrade. There are no known workarounds for this vulnerability.\n\ud83d\udccf Published: 2025-01-16T19:30:39.218Z\n\ud83d\udccf Modified: 2025-01-16T19:30:39.218Z\n\ud83d\udd17 References:\n1. https://github.com/openobserve/openobserve/security/advisories/GHSA-m8gj-6r85-3r6m\n2. https://github.com/gaby/openobserve/blob/main/src/service/users.rs#L631", "creation_timestamp": "2025-01-16T19:56:03.000000Z"}]}