CVE-2018-1197

2018-03-1918:00:00

dell

www.cve.org

AI Score

8.4

Confidence

High

EPSS

0.001

Percentile

42.8%

JSON

In Windows Stemcells versions prior to 1200.14, apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access to gain privileged credentials.

CNA Affected

[
  {
    "product": "Windows Stemcells",
    "vendor": "Dell EMC",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to 1200.14"
      }
    ]
  }
]

References

www.cloudfoundry.org/blog/cve-2018-1197/