Vulnerability Details CVE-2022-43915
IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, and 12.1 does not limit calls to unshare in running Pods. This can allow a user with privileged access to execute commands in a running Pod to elevate their user privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.5%
CVSS Severity
CVSS v3 Score 6.8
References
Products affected by CVE-2022-43915
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:5.0
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:7.1
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:7.2
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.0
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.1
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.2
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.0
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.1
-
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2