Vulnerabilities > CVE-2018-16398 - Unspecified vulnerability in Twistlock Authz Broker 0.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
In Twistlock AuthZ Broker 0.1, regular expressions are mishandled, as demonstrated by containers/aa/pause?aaa=\/start to bypass a policy in which "docker start" is allowed but "docker pause" is not allowed.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |