Executive Summary
| Summary | |
|---|---|
| Title | Container Privilege Escalation Vulnerability Affecting Cisco Products: February 2019 |
| Informations | |||
|---|---|---|---|
| Name | cisco-sa-20190215-runc | First vendor Publication | 2019-02-15 |
| Vendor | Cisco | Last vendor Modification | 2019-02-15 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A vulnerability in the Open Container Initiative runc CLI tool used by multiple products could allow an unauthenticated, remote attacker to escalate privileges on a targeted system. The vulnerability exists because the affected software improperly handles file descriptors related to /proc/self/exe. An attacker could exploit the vulnerability either by persuading a user to create a new container using an attacker-controlled image or by using the docker exec command to attach into an existing container that the attacker already has write access to. A successful exploit could allow the attacker to overwrite the host's runc binary file with a malicious file, escape the container, and execute arbitrary commands with root privileges on the host system. This advisory will be updated as additional information becomes available. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc"] BEGIN PGP SIGNATURE iQJ5BAEBAgBjBQJcZwX4XBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczjzIQANgPqQKnb/GpcNY96DRULjjA0lxO 1HRsYxjpb+DqUECszX6rlzlvjQP4khTiRwGDG6Vnld0CUI5IucHc+XnPLVVa2UzT d7HpneFn2CBdI29oVJPawt3tR8+dHw/WInpTyZTidXp/v2V1zlMdeYjW8PvRr61M PGgrPqm+xo04528daw1/1yyKPoVVTuQB49RtralyvCbSchQlHd23jSYQsL8ycIh +sqDs7Mi9n3HKv+GVYV6vXUNhvMu7a4qUJ5H9fApmcKSxTtyy8Fkrywgd1JASmp+k h+DDx63FDFj/ZLu6rQV5iAbfrW7thID7rshXTZUQ3fP+PiEa/JAZV4wTrsysTtyi H5793cmNXKL/VVOUKhZSL58DS6E0zQrypclcr1w6wTwJI3R1GexsKfWuZlAPP6HO 4es7kHY/5XRH4TPBgrT9ZBDXRJT7XWxhTt62Sb5RjvaRPfhTseh/iGqzwUmtfqIb gWIAUiWqsYb2muTGeNnbTb5lWRuKmOkfe+7zcaajC7P3fRPE3pD61lQeU8om8PiB MGkoipFnJlZ/DqRpKnZxX32ZTlY3fd+wPA1T62JTqhJ3X1I3MBQvDwSKFfEIA2OE VvQd7EkNDX90JSYkrVLXr6n35OietjedPV8ISj5lKqCiXATNoWA34OFMT6xdQ4Hh ZreDQnlAutNJexwH =IMUK END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
| Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection') (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-03-19 | Multiple products runc arbitrary code execution attempt RuleID : 49195 - Revision : 2 - Type : SERVER-OTHER |
Alert History
| Date | Informations |
|---|---|
| 2019-02-20 12:12:09 |
|
| 2019-02-15 21:18:26 |
|
