CVE-2016-6349
NONE EPSS 31.7%
Published Mar 29, 20179y ago · Modified Jun 17, 20262w ago
Published Mar 29, 2017 9y ago
Last Modified Jun 17, 2026 2w ago
Description
The machinectl command in oci-register-machine allows local users to list running containers and possibly obtain sensitive information by running that command.
Threat Intelligence
EPSS Exploit Probability
31.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| projectatomic | oci-register-machine | * | any |
References 5
- openwall.com http://www.openwall.com/lists/oss-security/2016/07/26/9
- openwall.com http://www.openwall.com/lists/oss-security/2016/10/13/7
- securityfocus.com http://www.securityfocus.com/bid/92143
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1360634
- github.com https://github.com/projectatomic/oci-register-machine/pull/22
Remediation
- github.com https://github.com/projectatomic/oci-register-machine/pull/22