CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
Low
Vulnerability of authorization plugins (AuthZ) of the software for automating deployment and management of applications in containerized environments Docker Engine is related to flaws in the AuthZ plugin.
application management in containerization-enabled environments Docker Engine is associated with flaws in
in the processing of HTTP requests. Exploitation of the vulnerability could allow an attacker acting remotely,
elevate their privileges by sending a specially crafted API request with Content-Length equal to 0