Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins,
Docker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins (AuthZ) under specific circumstances.
Tracked as CVE-2024-41110, the bypass and privilege escalation vulnerability carries a CVSS score of 10.0, indicating maximum severity.
« An attacker could exploit a bypass using an API request with Content-Length set
Tracked as CVE-2024-41110, the bypass and privilege escalation vulnerability carries a CVSS score of 10.0, indicating maximum severity.
« An attacker could exploit a bypass using an API request with Content-Length set
,
Docker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins (AuthZ) under specific circumstances.
Tracked as CVE-2024-41110, the bypass and privilege escalation vulnerability carries a CVSS score of 10.0, indicating maximum severity.
« An attacker could exploit a bypass using an API request with Content-Length set
Tracked as CVE-2024-41110, the bypass and privilege escalation vulnerability carries a CVSS score of 10.0, indicating maximum severity.
« An attacker could exploit a bypass using an API request with Content-Length set
, ,
https://thehackernews.com/2024/07/critical-docker-engine-flaw-allows.html