topic cve-2024-41110 Docker vulnerability impact XSOAR? in Cortex XSOAR Discussions https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/cve-2024-41110-docker-vulnerability-impact-xsoar/m-p/594492#M3523 <P>Who is impacted?<BR />Users of Docker Engine v19.03.x and later versions who rely on authorization plugins to make access control decisions.</P> <P>Who is not impacted?<BR />Users of Docker Engine v19.03.x and later versions who do not rely on authorization plugins to make access control decisions and users of all versions of Mirantis Container Runtime are not vulnerable.<BR />Users of Docker commercial products and internal infrastructure who do not rely on AuthZ plugins are unaffected.</P> <P><LI-WRAPPER></LI-WRAPPER></P> <P>&nbsp;</P> <P>Anyone know if <LI-PRODUCT title="Cortex XSOAR" id="Cortex_XSOAR"></LI-PRODUCT>&nbsp;relies on authorization plugins in Docker and is therefore impacted by this?</P> Fri, 09 Aug 2024 12:26:49 GMT Jim931279454 2024-08-09T12:26:49Z cve-2024-41110 Docker vulnerability impact XSOAR? https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/cve-2024-41110-docker-vulnerability-impact-xsoar/m-p/594492#M3523 <P>Who is impacted?<BR />Users of Docker Engine v19.03.x and later versions who rely on authorization plugins to make access control decisions.</P> <P>Who is not impacted?<BR />Users of Docker Engine v19.03.x and later versions who do not rely on authorization plugins to make access control decisions and users of all versions of Mirantis Container Runtime are not vulnerable.<BR />Users of Docker commercial products and internal infrastructure who do not rely on AuthZ plugins are unaffected.</P> <P><LI-WRAPPER></LI-WRAPPER></P> <P>&nbsp;</P> <P>Anyone know if <LI-PRODUCT title="Cortex XSOAR" id="Cortex_XSOAR"></LI-PRODUCT>&nbsp;relies on authorization plugins in Docker and is therefore impacted by this?</P> Fri, 09 Aug 2024 12:26:49 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/cve-2024-41110-docker-vulnerability-impact-xsoar/m-p/594492#M3523 Jim931279454 2024-08-09T12:26:49Z Re: cve-2024-41110 Docker vulnerability impact XSOAR? https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/cve-2024-41110-docker-vulnerability-impact-xsoar/m-p/594494#M3524 <P>I'll answer my own question, doesn't look like it:</P> <P>&nbsp;</P> <P>Client: Docker Engine - Community Version: 25.0.1</P> <P>Context: default</P> <P>Debug Mode: false</P> <P>Plugins:</P> <P>&nbsp; &nbsp; buildx: Docker Buildx (Docker Inc.) Version: v0.12.1</P> <P>&nbsp; &nbsp; &nbsp; &nbsp; Path: /usr/libexec/docker/cli-plugins/docker-buildx</P> <P>&nbsp; &nbsp;compose: Docker Compose (Docker Inc.) Version: v2.24.2</P> <P>&nbsp; &nbsp; &nbsp; &nbsp;Path: /usr/libexec/docker/cli-plugins/docker-compose</P> Fri, 09 Aug 2024 12:42:19 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/cve-2024-41110-docker-vulnerability-impact-xsoar/m-p/594494#M3524 Jim931279454 2024-08-09T12:42:19Z