Lucene search
This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2020-2653.NASLHistoryJun 24, 2020 - 12:00 a.m.
RHEL 7 : docker (RHSA-2020:2653)
2020-06-2400:00:00
This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
77
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
0.004 Low
EPSS
Percentile
73.6%
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2653 advisory.
-
docker: Ambient capability usage in containers (CVE-2016-8867)
-
docker: Security regression of CVE-2019-5736 due to inclusion of vulnerable runc (CVE-2020-14298)
-
docker: Security regression of CVE-2016-9962 due to inclusion of vulnerable runc (CVE-2020-14300)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2020:2653. The text
# itself is copyright (C) Red Hat, Inc.
##
include('compat.inc');
if (description)
{
script_id(137755);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/05/25");
script_cve_id("CVE-2016-8867", "CVE-2020-14298", "CVE-2020-14300");
script_bugtraq_id(94228);
script_xref(name:"RHSA", value:"2020:2653");
script_name(english:"RHEL 7 : docker (RHSA-2020:2653)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2020:2653 advisory.
- docker: Ambient capability usage in containers (CVE-2016-8867)
- docker: Security regression of CVE-2019-5736 due to inclusion of vulnerable runc (CVE-2020-14298)
- docker: Security regression of CVE-2016-9962 due to inclusion of vulnerable runc (CVE-2020-14300)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2016-8867");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-14298");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-14300");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:2653");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1390163");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1848239");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1848829");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-8867");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2020-14300");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(271);
script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/27");
script_set_attribute(attribute:"patch_publication_date", value:"2020/06/23");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/24");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-logrotate");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-lvm-plugin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-novolume-plugin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-rhel-push-plugin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:docker-v1.10-migrator");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/extras/debug',
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/extras/os',
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/extras/source/SRPMS',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/extras/debug',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/extras/os',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/extras/source/SRPMS',
'content/dist/rhel/client/7/7Client/x86_64/extras/debug',
'content/dist/rhel/client/7/7Client/x86_64/extras/os',
'content/dist/rhel/client/7/7Client/x86_64/extras/source/SRPMS',
'content/dist/rhel/power-le/7/7Server/ppc64le/extras/debug',
'content/dist/rhel/power-le/7/7Server/ppc64le/extras/os',
'content/dist/rhel/power-le/7/7Server/ppc64le/extras/source/SRPMS',
'content/dist/rhel/server/7/7Server/x86_64/extras/debug',
'content/dist/rhel/server/7/7Server/x86_64/extras/os',
'content/dist/rhel/server/7/7Server/x86_64/extras/source/SRPMS',
'content/dist/rhel/system-z/7/7Server/s390x/extras/debug',
'content/dist/rhel/system-z/7/7Server/s390x/extras/os',
'content/dist/rhel/system-z/7/7Server/s390x/extras/source/SRPMS',
'content/dist/rhel/workstation/7/7Workstation/x86_64/extras/debug',
'content/dist/rhel/workstation/7/7Workstation/x86_64/extras/os',
'content/dist/rhel/workstation/7/7Workstation/x86_64/extras/source/SRPMS'
],
'pkgs': [
{'reference':'docker-1.13.1-162.git64e9980.el7_8', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-1.13.1-162.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-1.13.1-162.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-client-1.13.1-162.git64e9980.el7_8', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-client-1.13.1-162.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-client-1.13.1-162.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-common-1.13.1-162.git64e9980.el7_8', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-common-1.13.1-162.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-common-1.13.1-162.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-logrotate-1.13.1-162.git64e9980.el7_8', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-logrotate-1.13.1-162.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-logrotate-1.13.1-162.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-lvm-plugin-1.13.1-162.git64e9980.el7_8', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-lvm-plugin-1.13.1-162.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-lvm-plugin-1.13.1-162.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-novolume-plugin-1.13.1-162.git64e9980.el7_8', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-novolume-plugin-1.13.1-162.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-novolume-plugin-1.13.1-162.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-rhel-push-plugin-1.13.1-162.git64e9980.el7_8', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-rhel-push-plugin-1.13.1-162.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-rhel-push-plugin-1.13.1-162.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-v1.10-migrator-1.13.1-162.git64e9980.el7_8', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-v1.10-migrator-1.13.1-162.git64e9980.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'docker-v1.10-migrator-1.13.1-162.git64e9980.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get() + redhat_report_package_caveat();
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'docker / docker-client / docker-common / docker-logrotate / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | docker | p-cpe:/a:redhat:enterprise_linux:docker |
| redhat | enterprise_linux | 7 | cpe:/o:redhat:enterprise_linux:7 |
| redhat | enterprise_linux | docker-common | p-cpe:/a:redhat:enterprise_linux:docker-common |
| redhat | enterprise_linux | docker-client | p-cpe:/a:redhat:enterprise_linux:docker-client |
| redhat | enterprise_linux | docker-lvm-plugin | p-cpe:/a:redhat:enterprise_linux:docker-lvm-plugin |
| redhat | enterprise_linux | docker-novolume-plugin | p-cpe:/a:redhat:enterprise_linux:docker-novolume-plugin |
| redhat | enterprise_linux | docker-rhel-push-plugin | p-cpe:/a:redhat:enterprise_linux:docker-rhel-push-plugin |
| redhat | enterprise_linux | docker-logrotate | p-cpe:/a:redhat:enterprise_linux:docker-logrotate |
| redhat | enterprise_linux | docker-v1.10-migrator | p-cpe:/a:redhat:enterprise_linux:docker-v1.10-migrator |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8867
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14298
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14300
access.redhat.com/errata/RHSA-2020:2653
access.redhat.com/security/cve/CVE-2016-8867
access.redhat.com/security/cve/CVE-2020-14298
access.redhat.com/security/cve/CVE-2020-14300
bugzilla.redhat.com/1390163
bugzilla.redhat.com/1848239
bugzilla.redhat.com/1848829
Related
redhat
redhat
(RHSA-2020:2653) Important: docker security update
2020-06-23 19:31:12
(RHSA-2017:0123) Moderate: docker-latest security, bug fix, and enhancement update
2017-01-17 20:35:03
(RHSA-2017:0127) Moderate: runc security and bug fix update
2017-01-17 20:35:12
ibm
ibm
veracode
veracode
Information Disclosure
2020-06-24 03:08:12
Remote Code Execution
2020-06-24 03:08:12
Information Disclosure
2017-05-02 07:00:10
cve
cve
redhatcve
redhatcve
osv
osv
CVE-2020-14300
2020-07-13 22:15:12
CVE-2020-14298
2020-07-13 21:15:14
Information Exposure in RunC
2021-12-20 18:21:43
nvd
nvd
debiancve
debiancve
ubuntucve
ubuntucve
cvelist
cvelist
prion
prion
Code injection
2020-07-13 22:15:00
Design/Logic Flaw
2020-07-13 21:15:00
Design/Logic Flaw
2017-01-31 22:59:00
oraclelinux
oraclelinux
docker-engine docker-engine-selinux security and bugfix update
2017-01-13 00:00:00
runc security update
2019-02-11 00:00:00
runc bug fix update
2021-04-28 00:00:00
openvas
openvas
Fedora Update for docker-latest FEDORA-2017-fcd02e2c2d
2017-01-16 00:00:00
Mageia: Security Advisory (MGASA-2017-0189)
2022-01-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1964-1)
2021-06-09 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: docker-latest-1.12.6-2.git51ef5a8.fc25
2017-01-15 07:52:30
[SECURITY] Fedora 24 Update: docker-latest-1.12.6-1.git51ef5a8.fc24
2017-01-20 18:20:16
[SECURITY] Fedora 25 Update: docker-1.12.6-3.git51ef5a8.fc25
2017-01-13 02:25:44
altlinux
altlinux
Security fix for the ALT Linux 8 package runc version 1.0.0-alt2.gitc91b5be
2017-01-23 00:00:00
Security fix for the ALT Linux 10 package runc version 1.0.0-alt2.gitc91b5be
2017-01-23 00:00:00
Security fix for the ALT Linux 8 package runc version 1.0.0-alt7.git0a012df
2019-02-20 00:00:00
nessus
nessus
RHEL 7 : runc (RHSA-2017:0127)
2017-01-18 00:00:00
Fedora 24 : 2:docker-latest (2017-c2c2d1be16)
2017-01-23 00:00:00
Fedora 25 : 1:runc (2017-20cdb2063a)
2017-08-01 00:00:00
archlinux
archlinux
[ASA-201805-11] runc: privilege escalation
2018-05-16 00:00:00
[ASA-201701-19] docker: privilege escalation
2017-01-13 00:00:00
[ASA-201902-20] flatpak: privilege escalation
2019-02-17 00:00:00
threatpost
threatpost
Docker Patches Privilege Escalation Vulnerability
2017-01-18 14:26:35
Rethinking Cyber-Defense Strategies in the Public-Cloud Age
2022-04-19 17:29:49
Major Container Security Flaw Threatens Cascading Attacks
2019-02-12 18:28:41
gentoo
gentoo
runC: Privilege escalation
2017-01-12 00:00:00
amazon
amazon
Important: docker
2017-01-10 18:00:00
Important: docker
2019-02-08 22:28:00
mageia
mageia
Updated docker packages fix security vulnerability
2017-06-28 13:01:20
Updated lxc packages fix security vulnerability
2019-02-17 03:31:02
Updated opencontainers-runc packages fix security vulnerability
2019-02-13 14:08:25
github
github
Information Exposure in RunC
2021-12-20 18:21:43
zdt
zdt
runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (2)
2019-02-15 00:00:00
runC < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution Exploit
2019-02-12 00:00:00
impervablog
impervablog
Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners
2019-03-04 21:00:39
suse
suse
Security update for lxc (moderate)
2019-10-03 00:00:00
Security update for docker-runc (important)
2019-02-27 00:00:00
Security update for docker-runc (important)
2019-02-18 00:00:00
hackerone
hackerone
50m-ctf: CTF write-up: c8889970d9fb722066f31e804e351993
2019-03-03 10:08:22
Internet Bug Bounty: CVE-2019-5736: Escape from Docker and Kubernetes containers to root on host
2019-02-13 18:50:11
50m-ctf: $50 million CTF Writeup
2019-03-25 02:28:13
githubexploit
githubexploit
Exploit for OS Command Injection in Docker
2019-06-30 13:42:14
Exploit for OS Command Injection in Docker
2019-12-12 16:57:13
Exploit for OS Command Injection in Docker
2021-07-08 22:46:30
kitploit
kitploit
almalinux
almalinux
Important: container-tools:rhel8 security and bug fix update
2019-05-07 03:39:11
cbl_mariner
cbl_mariner
CVE-2019-5736 affecting package moby-buildx 0.4.1-3
2021-07-08 21:56:42
vmware
vmware
thn
thn
RunC Flaw Lets Attackers Escape Linux Containers to Gain Root on Hosts
2019-02-12 08:59:00
photon
photon
exploitpack
exploitpack
runc 1.0-rc6 (Docker 18.09.2) - Container Breakout (2)
2019-02-13 00:00:00
virtuozzo
virtuozzo
f5
f5
K46421255 : Docker privilege elevation vulnerability CVE-2019-5736
2019-03-01 00:00:00
cloudfoundry
cloudfoundry
CVE-2019-5736: runC container breakout | Cloud Foundry
2019-02-13 00:00:00
checkpoint_advisories
checkpoint_advisories
runc Container Escape (CVE-2019-5736)
2019-02-14 00:00:00
rocky
rocky
container-tools:rhel8 security and bug fix update
2019-05-07 03:39:11
cisco
cisco
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
0.004 Low
EPSS
Percentile
73.6%
Related for REDHAT-RHSA-2020-2653.NASL