In Windows Stemcells versions prior to 1200.14, apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access to gain privileged credentials.
CPE | Name | Operator | Version |
---|---|---|---|
windows_stemcells | lt | 1200.14 |