CVE-2019-8339

Опубликовано: 17 мая 2019

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

An issue was discovered in Falco through 0.14.0. A missing indicator for insufficient resources allows local users to bypass the detection engine.

Ссылки

https://falco.org/docs/event-sources/dropped-events/
Vendor Advisory
https://github.com/falcosecurity/falco/pull/561
Patch
Third Party Advisory
https://sysdig.com/blog/cve-2019-8339-falco-vulnerability/
Vendor Advisory
https://www.twistlock.com/labs-blog/falco-vulnerability-cve-2019-8339/
Exploit
Third Party Advisory
https://falco.org/docs/event-sources/dropped-events/
Vendor Advisory
https://github.com/falcosecurity/falco/pull/561
Patch
Third Party Advisory
https://sysdig.com/blog/cve-2019-8339-falco-vulnerability/
Vendor Advisory
https://www.twistlock.com/labs-blog/falco-vulnerability-cve-2019-8339/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:falco:falco:*:*:*:*:*:*:*:*

Версия до 0.14.0 (включая)

EPSS

Процентиль: 28%

0.00101

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-416

Связанные уязвимости

GHSA-35j6-76jp-jqcj