Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-0204

A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain root-level code execution on the host.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.8%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
Products affected by CVE-2019-0204
  • Apache » Mesos » Version: 1.4.0
    cpe:2.3:a:apache:mesos:1.4.0
  • Apache » Mesos » Version: 1.4.1
    cpe:2.3:a:apache:mesos:1.4.1
  • Apache » Mesos » Version: 1.4.2
    cpe:2.3:a:apache:mesos:1.4.2
  • Apache » Mesos » Version: 1.5.0
    cpe:2.3:a:apache:mesos:1.5.0
  • Apache » Mesos » Version: 1.5.1
    cpe:2.3:a:apache:mesos:1.5.1
  • Apache » Mesos » Version: 1.5.2
    cpe:2.3:a:apache:mesos:1.5.2
  • Apache » Mesos » Version: 1.6.0
    cpe:2.3:a:apache:mesos:1.6.0
  • Apache » Mesos » Version: 1.6.1
    cpe:2.3:a:apache:mesos:1.6.1
  • Apache » Mesos » Version: 1.7.0
    cpe:2.3:a:apache:mesos:1.7.0
  • Apache » Mesos » Version: 1.7.1
    cpe:2.3:a:apache:mesos:1.7.1
  • Apache » Mesos » Version: 1.8.0
    cpe:2.3:a:apache:mesos:1.8.0
  • Redhat » Fuse » Version: 7.5.0
    cpe:2.3:a:redhat:fuse:7.5.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved