Description

Executive Summary An Elevation of Privilege (EOP) vulnerability has been identified within Service Fabric clusters that run Docker containers. Exploitation of this EOP vulnerability requires an attacker to gain remote code execution within a container. All Service Fabric and Docker versions are impacted.

Related CPE's

a

microsoft

service_fabric

-

Vulnerable

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30137

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30137

PatchVendor Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-noinfo

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-06-15T22:15:13.473

3 years ago

Last modified

2025-01-02T19:16:14.573

6 months ago