vulnerability
Red Hat: CVE-2016-8867: Important: docker security update (RHSA-2020:2653)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Oct 28, 2016 | Jun 24, 2020 | Jun 24, 2020 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Oct 28, 2016
Added
Jun 24, 2020
Modified
Jun 24, 2020
Description
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.
Solution(s)
redhat-upgrade-dockerredhat-upgrade-docker-clientredhat-upgrade-docker-commonredhat-upgrade-docker-debuginforedhat-upgrade-docker-logrotateredhat-upgrade-docker-lvm-pluginredhat-upgrade-docker-novolume-pluginredhat-upgrade-docker-rhel-push-pluginredhat-upgrade-docker-v1-10-migrator
References

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.