Main Vulnerability Database Vulnerabilities #VU61829

#VU61829 Permissions, Privileges, and Access Controls in Podman - CVE-2022-27649

Published: April 4, 2022 / Updated: April 14, 2022

Vulnerability identifier: #VU61829

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2022-27649

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Podman

Software vendor:
Container Projects

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to excess inheritable capabilities set, which leads to security restrictions bypass and privilege escalation.

Install updates from vendor's website.