CVE-2024-38487

Description

api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

High

Affected products

Dell / EMC VxRail Appliance0 – 7.0.520

References

MISChttps://www.dell.com/support/kbdoc/en-us/000226270/dsa-2024-247-security-update-for-dell-vxrail-7-0-520-multiple-third-party-component-vulnerabilities