Joyent Smart Data Center Docker API Zone Escape Privilege Escalation Vulnerability

ID ZDI-17-453
Type zdi
Reporter Ben Murphy
Modified 2017-07-07T00:00:00


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the Docker API. The process does not properly validate user-supplied data, which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute arbitrary code under the context of root.