Summary
Cross-account container escape
Affected Services
ACI
Remediation
Revoking any privileged credentials that were deployed to the
platform before Aug. 31, 2021, and checking their access logs for irregularities.
Tracked CVEs
No tracked CVEs
References
Contributed by https://github.com/0xdabbad00
Entry Status
Finalized
Disclosure Date
Thu, Sep 9th, 2021
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Piercing Index Rating
9.19
(PI:1.5/A1:20/A2:1.1/A7:1.1/A8:1.1)
Discovered by
Yuval Avrahami, Palo Alto
