CVE-2018-1197

2018-02-2200:00:00

dell

www.cve.org

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

In Windows Stemcells versions prior to 1200.14, apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access to gain privileged credentials.

CNA Affected

[
  {
    "product": "Windows Stemcells",
    "vendor": "Dell EMC",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to 1200.14"
      }
    ]
  }
]

References

www.cloudfoundry.org/blog/cve-2018-1197/