Lucene search

K
cvelistPalo_altoCVELIST:CVE-2021-3101
HistoryApr 19, 2022 - 10:15 p.m.

CVE-2021-3101 Hotdog Container Escape

2022-04-1922:15:21
CWE-250
palo_alto
www.cve.org
2
hotdog
container escape
cve-2021-3101
selinux
privileges
host restrictions

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

17.8%

Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux label of the target JVM process. This would allow a container to gain full privileges on the host, bypassing restrictions set on the container.

CNA Affected

[
  {
    "product": "Hotdog",
    "vendor": "Amazon Web Services",
    "versions": [
      {
        "lessThan": "1.0.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

17.8%

Related for CVELIST:CVE-2021-3101