Misconfigured Capability Policies in Docker Engine 1.12.2 Enable Unauthorized File Access
CVE-2016-8867 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.
Learn more about our User Device Pen Test.