CVE-2019-12997

Name of the Vulnerable Software and Affected Versions Loopchain versions prior to 2.2.1.4

Description The issue allows an attacker to escalate privileges from a low-privilege shell by changing the environment, specifically through injection in the DEFAULT SCORE HOST environment variable.

Recommendations For Loopchain versions prior to 2.2.1.4, update to version 2.2.1.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the DEFAULT SCORE HOST environment variable to minimize the risk of exploitation.