CVE-2017-7412

HIGH

NixOS 17.03 <17.03.887 - Privilege Escalation

Title source: llm
STIX 2.1

Description

NixOS 17.03 before 17.03.887 has a world-writable Docker socket, which allows local users to gain privileges by executing docker commands.

Scores

CVSS v3 7.8
EPSS 0.0036
EPSS Percentile 28.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
nixos/nixos 17.03
Published Apr 04, 2017
Tracked Since Feb 18, 2026