CVE-2022-43915 Information

Description

IBM App Connect Enterprise Certified Container 5.0 7.1 7.2 8.0 8.1 8.2 9.0 9.1 9.2 10.0 10.1 11.0 11.1 11.2 11.3 11.4 11.5 11.6 12.0 and 12.1 does not limit calls to unshare in running Pods. This can allow a user with access to execute commands in a running Pod to elevate their user privileges.

Reference

https://www.ibm.com/support/pages/node/7166463 https://exchange.xforce.ibmcloud.com/vulnerabilities/241037