Unrated severityNVD Advisory· Published Mar 16, 2021· Updated Aug 4, 2024
CVE-2020-24263
CVE-2020-24263
Description
Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical capabilities such as SYS_MODULE, which can be used to take over the Docker host.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Portainer/Portainerdescription
Patches
Vulnerability mechanics
References
1- github.com/portainer/portainer/issues/4105mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.