Execution with Unnecessary Privileges
| Property | |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-250: Execution with Unnecessary Privileges |
| Confidence Level | Low |
| Impact Level | High |
| Likelihood Level | Low |
Description
The code runs or creates Docker containers using user-provided input without validating or restricting what images or commands can be executed. This allows untrusted data to control which containers are started.
Impact
An attacker could use this vulnerability to run arbitrary containers, potentially executing malicious code on the host, accessing sensitive data, or escalating privileges. This could compromise the entire system and affect other applications running on the same host.
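The pattern described above, next to a hardened form, as an added example that is not part of the original rule page or the scanner's own code. Python is an assumption (the page leaves Language blank), and the registry host, job and action names, and the all-zero digest are constructed placeholders.

```python
import re

# Assumed policy (constructed for this example): logical job name -> pinned image.
# The all-zero digest is a placeholder, not a real image digest.
ALLOWED_IMAGES = {
    "thumbnailer": "registry.example.internal/tools/thumbnailer@sha256:" + "0" * 64,
}
# Fixed argv per job and action; callers pick a key and never supply argv.
ALLOWED_COMMANDS = {
    "thumbnailer": {"resize": ["/app/resize", "--max", "512"]},
}
NAME = re.compile(r"^[a-z][a-z0-9_-]{0,31}$")


def build_run_argv_unsafe(image, command):
    """Pattern the rule flags: untrusted values choose the image and command."""
    return ["docker", "run", image] + command.split()


def build_run_argv(job, action):
    """Hardened form: untrusted input only selects from server-side allowlists."""
    for value in (job, action):
        if not isinstance(value, str) or not NAME.fullmatch(value):
            raise ValueError("invalid job or action name")
    image = ALLOWED_IMAGES.get(job)
    if image is None:
        raise ValueError("job not allowed")
    command = ALLOWED_COMMANDS.get(job, {}).get(action)
    if command is None:
        raise ValueError("action not allowed")
    return [
        "docker", "run", "--rm",
        "--user", "65534:65534",                # non-root inside the container
        "--cap-drop", "ALL",                    # drop all Linux capabilities
        "--security-opt", "no-new-privileges",  # block setuid privilege gain
        "--read-only",                          # read-only root filesystem
        "--network", "none",                    # no network access
        image, *command,
    ]
```

The returned list is meant to be passed to `subprocess.run(argv, check=True)` without `shell=True`, so the allowlisted values are never re-parsed by a shell.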