CVE-2022-30137 - Executive Summary An Elevation of Privilege (EOP) vulnerability has been

CVE-2022-30137

Summary

Executive Summary An Elevation of Privilege (EOP) vulnerability has been identified within Service Fabric clusters that run Docker containers. Exploitation of this EOP vulnerability requires an attacker to gain remote code execution within a container. All Service Fabric and Docker versions are impacted.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30137

Vulnerable Configurations

cpe:2.3:a:microsoft:service_fabric:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:service_fabric:-:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 20-12-2023 - 22:15)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

Last major update

20-12-2023 - 22:15

Published

15-06-2022 - 22:15

Last modified

20-12-2023 - 22:15