5 matches found
New 'FabricScape' Bug in Microsoft Azure Service Fabric Impacts Linux Workloads
Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft's Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster. The issue, which has been dubbed FabricScape CVE-2022-30137,...
Service Fabric Privilege Escalation from Containerized Workloads on Linux
Under Coordinated Vulnerability Disclosure CVD, cloud-security vendor Palo Alto Networks informed Microsoft of an issue affecting Service Fabric SF Linux clusters CVE-2022-30137. The vulnerability enables a bad actor, with access to a compromised container, to escalate privileges and gain control...
CVE-2022-30137
creationtimestamp| type| source ---|---|--- 2022-06-28 05:00:00+00:00| seen| https://msrc.microsoft.com/blog/2022/06/azure-service-fabric-privilege-escalation-from-containerized-workloads-on-linux/ 2022-06-29 15:31:02+00:00| seen| https://t.me/truesecator/3112 2022-06-30 15:19:43+00:00| seen|...
CVE-2022-30137
Executive Summary An Elevation of Privilege EOP vulnerability has been identified within Service Fabric clusters that run Docker containers. Exploitation of this EOP vulnerability requires an attacker to gain remote code execution within a container. All Service Fabric and Docker versions are...
CVE-2022-30137
Azure Service Fabric containers on Linux are affected by CVE-2022-30137, enabling privilege escalation for an attacker with access to a compromised container. MSRC explains the issue as: a bad actor can escalate from containerized workloads to the host SF node and potentially take control of the ...