Arbitrary code execution vulnerability in docker via a symlink or hard link attackID: oval:org.secpod.oval:def:24745 | Date: (C)2015-06-08 (M)2022-09-09 |
Class: VULNERABILITY | Family: unix |
The host is installed with docker in RHEL 7 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle symbolic and hardlink issues. Successful exploitation could allow attackers to write to arbitrary files and execute arbitrary code.
Platform: |
Red Hat Enterprise Linux 7 |