CVE-2022-30137

Name of the Vulnerable Software and Affected Versions Service Fabric versions prior to 9.0.1.0 Docker versions (affected versions not specified)

Description An Elevation of Privilege vulnerability has been identified within Service Fabric clusters that run Docker containers. Exploitation of this vulnerability requires an attacker to gain remote code execution within a container. The vulnerability is related to insufficient access control and can be exploited to bypass security restrictions and elevate privileges. According to Microsoft, Service Fabric hosts over 1 million applications daily and supports many Azure products. The vulnerability, named FabricScape, is located in the Diagnostics Collection Agent (DCA) component and can be used to gain control over the SF-node and the entire cluster. The issue affects both Windows and Linux platforms but can only be exploited on Linux.

Recommendations For Service Fabric versions prior to 9.0.1.0, update to the latest release, Service Fabric 9.0.1.0, to resolve the issue. As a temporary workaround, consider restricting access to the Diagnostics Collection Agent (DCA) component until a patch is available. Avoid using containers with runtime access enabled, as this can increase the risk of exploitation.