Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple security vulnerabilities affect HCL AION
Vulnerability Description
HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configurations with security best practices requires minimizing privileges and avoiding root-level execution wherever possible.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
HCL AION 安全漏洞
Vulnerability Description
HCL AION是印度HCL公司的一款AI生命周期管理平台。 HCL AION存在安全漏洞,该漏洞源于容器基础镜像未正确认证,可能导致使用不受信任的容器镜像。
CVSS Information
N/A
Vulnerability Type
N/A