{"id":99464,"date":"2019-09-19T22:59:26","date_gmt":"2019-09-20T05:59:26","guid":{"rendered":"https:\/\/unit42.paloaltonetworks.com\/?p=99464"},"modified":"2019-09-20T15:12:52","modified_gmt":"2019-09-20T22:12:52","slug":"critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097","status":"publish","type":"post","link":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/","title":{"rendered":"Harbor\u30b3\u30f3\u30c6\u30ca\u30ec\u30b8\u30b9\u30c8\u30ea\u306b\u7ba1\u7406\u8005\u306b\u7279\u6a29\u6607\u683c\u304c\u53ef\u80fd\u306a\u6df1\u523b\u306a\u8106\u5f31\u6027  (CVE-2019-16097)"},"content":{"rendered":"<h2><a id=\"post-99401-_k50hyoot35q0\"><\/a>\u30a8\u30b0\u30bc\u30af\u30c6\u30a3\u30d6\u30b5\u30de\u30ea\u30fc<\/h2>\n<p>\u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u8105\u5a01\u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9\u30ea\u30b5\u30fc\u30c1\u30c1\u30fc\u30e0Unit 42\u306e\u30af\u30e9\u30a6\u30c9\u90e8\u9580\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fcAviv Sasson\u304c\u3001\u5e83\u304f\u5229\u7528\u3055\u308c\u3066\u3044\u308b\u30af\u30e9\u30a6\u30c9 \u30cd\u30a4\u30c6\u30a3\u30d6 \u30b3\u30f3\u30c6\u30ca \u30ec\u30b8\u30b9\u30c8\u30ea\u300cHarbor\u300d\u306b\u91cd\u5927\u306a\u8106\u5f31\u6027\u304c\u3042\u308b\u3053\u3068\u3092\u767a\u898b\u3057\u307e\u3057\u305f\u3002\u672c\u8106\u5f31\u6027\u3092\u4f7f\u3063\u3066\u653b\u6483\u8005\u304c\u60aa\u610f\u306e\u3042\u308b\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3059\u308b\u3068Harbor\u30ec\u30b8\u30b9\u30c8\u30ea\u3092\u4e57\u3063\u53d6\u308b\u3053\u3068\u304c\u53ef\u80fd\u3067\u3059\u3002<\/p>\n<p>Harbor\u306e\u30e1\u30f3\u30c6\u30ca\u306f\u3001\u3053\u306e\u91cd\u8981\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u554f\u984c\u306b\u5bfe\u5fdc\u3059\u308b\u305f\u3081\u306e<a href=\"https:\/\/github.com\/goharbor\/harbor\/pull\/8917\">\u30d1\u30c3\u30c1<\/a>\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u307e\u3057\u305f\u3002\u30d0\u30fc\u30b8\u30e7\u30f3<a href=\"https:\/\/github.com\/goharbor\/harbor\/releases\/tag\/v1.7.6\">1.7.6<\/a>\u304a\u3088\u3073<a href=\"https:\/\/github.com\/goharbor\/harbor\/releases\/tag\/v1.8.3\">1.8.3<\/a>\u306b\u3053\u306e\u4fee\u6b63\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<p><strong>Unit 42\u3067\u306f\u3001\u8106\u5f31\u306a\u30c7\u30d5\u30a9\u30eb\u30c8\u306e\u8a2d\u5b9a\u3067\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u306b\u516c\u958b\u3055\u308c\u3066\u3044\u308bHarbor\u30ec\u30b8\u30b9\u30c8\u30ea\u304c1,300\u4ef6\u306b\u53ca\u3076\u3053\u3068\u3092\u78ba\u8a8d\u3057\u3066\u3044\u307e\u3059\u3002\u3053\u308c\u3089\u306f\u4fee\u6b63\u7248\u306b\u66f4\u65b0\u3055\u308c\u308b\u307e\u3067\u5371\u967a\u306a\u72b6\u614b\u306b\u3042\u308a\u307e\u3059\u3002<\/strong><\/p>\n<h2>\u80cc\u666f<\/h2>\n<p>Cloud Native Computing Foundation\uff08CNCF\uff09\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u306b\u8ca2\u732e\u3057\u3001\u6539\u5584\u3059\u308b\u30a4\u30cb\u30b7\u30a2\u30c1\u30d6\u306e\u4e00\u74b0\u3068\u3057\u3066\u3001\u3053\u3053\u306e\u3068\u3053\u308d\u79c1\u306fHarbour\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u306b\u7740\u76ee\u3057\u3066\u3044\u307e\u3057\u305f\u3002\u305d\u306e\u7d50\u679c\u3001\u30c7\u30d5\u30a9\u30eb\u30c8\u8a2d\u5b9a\u3067\u3001\u8ab0\u3067\u3082\u7ba1\u7406\u8005\u6a29\u9650\u3092\u53d6\u5f97\u3067\u304d\u308b\u91cd\u5927\u306a\u6a29\u9650\u6607\u683c\u306e\u8106\u5f31\u6027\u304c\u3042\u308b\u3053\u3068\u3092\u767a\u898b\u3057\u307e\u3057\u305f\u3002\u5f53\u8a72\u8106\u5f31\u6027\u306b\u306f<a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-16097\">CVE-2019-16097<\/a>\u304c\u5272\u308a\u5f53\u3066\u3089\u308c\u30019\u670810\u65e5\u306b\u516c\u958b\u3055\u308c\u307e\u3057\u305f\u3002<\/p>\n<p><a href=\"https:\/\/goharbor.io\/\">Harbor<\/a>\u306f\u3001\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u306e\u30af\u30e9\u30a6\u30c9 \u30cd\u30a4\u30c6\u30a3\u30d6 \u30b3\u30f3\u30c6\u30ca \u30ec\u30b8\u30b9\u30c8\u30ea\u3067\u3001\u30b3\u30f3\u30c6\u30ca \u30a4\u30e1\u30fc\u30b8\u3092\u4fdd\u5b58\u3057\u3001\u7f72\u540d\u3057\u3001\u8106\u5f31\u6027\u306e\u30b9\u30ad\u30e3\u30f3\u3092\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002Harbor\u306f\u3001Docker Hub\u3001Docker Registry\u3001Google Container Registry\u306a\u3069\u306e\u30ec\u30b8\u30b9\u30c8\u30ea\u3068\u306e\u7d71\u5408\u304c\u53ef\u80fd\u3067\u3059\u3002Harbor \u3092\u5229\u7528\u3059\u308b\u3068\u3001\u30e6\u30fc\u30b6\u30fc\u306f\u30b7\u30f3\u30d7\u30eb\u306aGUI\u3092\u4f7f\u3063\u3066\u3001\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u306b\u57fa\u3065\u304d\u3001\u30b3\u30f3\u30c6\u30ca \u30a4\u30e1\u30fc\u30b8\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3001\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u3001\u30b9\u30ad\u30e3\u30f3\u3067\u304d\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<p>Harbor\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u306f\u3053\u30534\u5e74\u307b\u3069\u3067\u5f90\u3005\u306b\u4eba\u6c17\u3092\u96c6\u3081\u30012018\u5e74\u306e11\u6708\u306b<a href=\"https:\/\/goharbor.io\/blogs\/harbor-moves-to-incubation\/\">CNCF\u306e\u652f\u63f4\u3092\u53d7\u3051\u308b\u30d7\u30ed\u30b8\u30a7\u30af\u30c8<\/a>\u306b\u306a\u308a\u307e\u3057\u305f\u3002Harbor\u306b\u306f\u8457\u540d\u306a\u30b9\u30dd\u30f3\u30b5\u30fc\u3084\u4f01\u696d\u304c\u591a\u6570\u3064\u3044\u3066\u304a\u308a\u3001<a href=\"https:\/\/github.com\/goharbor\/harbor\/blob\/master\/ADOPTERS.md\">\u63a1\u7528\u4f01\u696d\u306e\u4e00\u89a7\u304c\u3053\u3061\u3089\u306e\u30da\u30fc\u30b8\u306b\u3042\u308a\u307e\u3059<\/a>\u3002<\/p>\n<p style=\"text-align: center;\"><img width=\"895\" height=\"565\"  class=\"wp-image-99403 aligncenter lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-17.png\" srcset=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-17.png 895w, https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-17-300x189.png 300w, https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-17-768x485.png 768w, https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-17-370x234.png 370w\" sizes=\"(max-width: 895px) 100vw, 895px\" \/><span style=\"font-size: 10pt;\"><em>\u56f31 Harbor \u516c\u5f0f\u8a8d\u5b9a\u30e6\u30fc\u30b6\u30fc\u3068\u30d1\u30fc\u30c8\u30ca\u30fc<\/em><\/span><\/p>\n<h2>\u8106\u5f31\u6027\u306e\u5f71\u97ff\u5ea6<\/h2>\n<p>\u3053\u306e\u8106\u5f31\u6027\u306e\u5f71\u97ff\u5ea6\u306f\u6df1\u523b\u3067\u3059\u3002\u7ba1\u7406\u8005\u6a29\u9650\u3092\u53d6\u5f97\u5f8c\u306b\u958b\u59cb\u53ef\u80fd\u306a\u653b\u6483\u30d9\u30af\u30c8\u30eb\u306f\u591a\u6570\u5b58\u5728\u3057\u307e\u3059\u3002\u653b\u6483\u8005\u306f\u3001\u3044\u304b\u306a\u308b\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8 \u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u3067\u3042\u308c\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3066\u691c\u67fb\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u30ec\u30b8\u30b9\u30c8\u30ea\u5185\u306e\u3059\u3079\u3066\u306e\u30b3\u30f3\u30c6\u30ca \u30a4\u30e1\u30fc\u30b8\u3092\u524a\u9664\u3059\u308b\u3053\u3068\u3082\u3067\u304d\u3001\u3082\u3063\u3068\u60aa\u3051\u308c\u3070\u30b3\u30f3\u30c6\u30ca \u30ec\u30b8\u30b9\u30c8\u30ea\u5185\u306e\u30a4\u30e1\u30fc\u30b8\u3092\u81ea\u5206\u305f\u3061\u306e\u30a4\u30e1\u30fc\u30b8\u306b\u7f6e\u304d\u63db\u3048\u308b\u3053\u3068\u3067\u30ec\u30b8\u30b9\u30c8\u30ea\u3092\u6c5a\u67d3\u3059\u308b\u3053\u3068\u3082\u3067\u304d\u307e\u3059\u3002\u653b\u6483\u8005\u306f\u65b0\u3057\u3044\u30e6\u30fc\u30b6\u30fc\u3092\u4f5c\u6210\u3057\u3001\u4f5c\u6210\u3057\u305f\u30e6\u30fc\u30b6\u30fc\u3092\u7ba1\u7406\u8005\u306b\u8a2d\u5b9a\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u305d\u306e\u5f8c\u3001Docker\u30b3\u30de\u30f3\u30c9\u30e9\u30a4\u30f3 \u30c4\u30fc\u30eb\u3067\u65b0\u3057\u3044\u8cc7\u683c\u60c5\u5831\u3092\u4f7f\u7528\u3057\u3001Harbor\u30b3\u30f3\u30c6\u30ca \u30ec\u30b8\u30b9\u30c8\u30ea\u306b\u63a5\u7d9a\u3057\u3066\u3001\u73fe\u5728\u306e\u30a4\u30e1\u30fc\u30b8\u3092\u3069\u306e\u3088\u3046\u306a\u30a4\u30e1\u30fc\u30b8\u306b\u3067\u3082\u7f6e\u304d\u63db\u3048\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u305d\u306e\u306a\u304b\u306b\u306f\u30de\u30eb\u30a6\u30a7\u30a2\u3001\u6697\u53f7\u901a\u8ca8\u306e\u30de\u30a4\u30ca\u30fc \u30d7\u30ed\u30b0\u30e9\u30e0\u3001\u305d\u306e\u307b\u304b\u306e\u3055\u307e\u3056\u307e\u306a\u60aa\u610f\u306e\u3042\u308b\u30d7\u30ed\u30b0\u30e9\u30e0\u3092\u542b\u3081\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n<p style=\"text-align: center;\">\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 <iframe loading=\"lazy\" width=\"560\" height=\"314\" src=\"\/\/www.youtube.com\/embed\/LBgIKqdfF1k?feature=youtu\" allowfullscreen=\"allowfullscreen\" data-mce-fragment=\"1\"><\/iframe><\/p>\n<p style=\"text-align: center;\"><span style=\"font-size: 10pt;\"><em>\u30d3\u30c7\u30aa1 \u8106\u5f31\u6027\u306e\u6982\u5ff5\u5b9f\u8a3c\u306e\u305f\u3081\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/em><\/span><\/p>\n<h2>\u30aa\u30f3\u30e9\u30a4\u30f3 \u30a4\u30f3\u30b9\u30bf\u30f3\u30b9<\/h2>\n<p>\u3053\u306e\u554f\u984c\u304c\u6df1\u523b\u3067\u3042\u308b\u3053\u3068\u304c\u308f\u304b\u3063\u305f\u306e\u3067\u30aa\u30f3\u30e9\u30a4\u30f3\u306b\u3042\u308bHarbor\u306e\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u6570\u3092\u78ba\u8a8d\u3059\u308b\u3053\u3068\u306b\u3057\u307e\u3057\u305f\u3002\u30b9\u30ad\u30e3\u30f3\u3057\u305f\u7d50\u679c\u304b\u3089\u3001\u30aa\u30f3\u30e9\u30a4\u30f3\u306b\u306fHarbor\u30ec\u30b8\u30b9\u30c8\u30ea\u304c2,500\u3042\u308b\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3057\u305f\u3002\u3053\u308c\u3089\u306e\u306a\u304b\u304b\u3089\u8106\u5f31\u306a\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u6570\u3092\u8a55\u4fa1\u3059\u308b\u305f\u3081\u3001\u79c1\u306f\u305d\u308c\u5c02\u7528\u306b\u66f8\u3044\u305f\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u5b9f\u884c\u3057\u3066\u7d50\u679c\u7684\u306b\u8106\u5f31\u306a\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u304c1,300\u4ef6\u5b58\u5728\u3059\u308b\u3053\u3068\u3092\u7a81\u304d\u6b62\u3081\u307e\u3057\u305f\u3002<\/p>\n<h2>\u8106\u5f31\u6027<\/h2>\n<p>\u4ee5\u4e0b\u3001\u8106\u5f31\u6027\u306e\u5185\u5bb9\u3092\u5177\u4f53\u7684\u306b\u898b\u3066\u3044\u304d\u307e\u3059\u3002\u6700\u521d\u306b\u300cUser\u300d\u69cb\u9020\u4f53\u3092\u8abf\u3079\u307e\u3059\u3002<\/p>\n<p style=\"text-align: center;\"><img width=\"656\" height=\"328\"  class=\"wp-image-99405 aligncenter lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-18.png\" srcset=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-18.png 656w, https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-18-300x150.png 300w, https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-18-370x185.png 370w\" sizes=\"(max-width: 656px) 100vw, 656px\" \/><span style=\"font-size: 10pt;\"><em>\u56f32 Harbor\u30bd\u30fc\u30b9\u30b3\u30fc\u30c9\u306eUser\u69cb\u9020\u4f53<\/em><\/span><\/p>\n<p>\u3053\u3053\u3067\u6a19\u7684\u3068\u3059\u308b\u30d1\u30e9\u30e1\u30fc\u30bf\u306f<code><span style=\"font-family: 'courier new', courier, monospace;\">HasAdminRole<\/span><\/code>\u3067\u3059\u3002\u3068\u3044\u3046\u306e\u3082\u3001\u3053\u306e\u30d1\u30e9\u30e1\u30fc\u30bf\u3042\u308b\u30e6\u30fc\u30b6\u306b\u7ba1\u7406\u8005\u6a29\u9650\u304c\u3042\u308b\u304b\u3069\u3046\u304b\u3092\u793a\u3059\u3082\u306e\u3060\u304b\u3089\u3067\u3059\u3002\u3053\u306e\u30d1\u30e9\u30e1\u30fc\u30bf\u3092<code>True<\/code>\u306b\u8a2d\u5b9a\u3067\u304d\u308c\u3070\u653b\u6483\u5074\u306e\u52dd\u3061\u3067\u3059\u3002<\/p>\n<p>\u305d\u308c\u306b\u306f\u3069\u3046\u3059\u308c\u3070\u3088\u3044\u3067\u3057\u3087\u3046\u304b\u3002<\/p>\n<p>API\u547c\u3073\u51fa\u3057\u3092\u773a\u3081\u3066\u307f\u307e\u3059\u3002\u3059\u308b\u3068\u8ab0\u304b\u304c\u300c\/api\/users\u300d\u3078\u30a2\u30af\u30bb\u30b9\u8a66\u884c\u3057\u305f\u3055\u3044\u306b\u8d77\u3053\u308b\u3001\u3042\u308b\u8208\u5473\u6df1\u3044\u547c\u3073\u51fa\u3057\u304c\u898b\u3064\u304b\u308a\u307e\u3059\u3002<\/p>\n<p style=\"text-align: center;\"><img width=\"634\" height=\"20\"  class=\"wp-image-99407 aligncenter lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-19.png\" srcset=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-19.png 634w, https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-19-300x9.png 300w, https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-19-590x20.png 590w, https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-19-370x12.png 370w\" sizes=\"(max-width: 634px) 100vw, 634px\" \/><span style=\"font-size: 10pt;\"><em>\u56f33 \/api\/users \u30eb\u30fc\u30c6\u30a3\u30f3\u30b0<\/em><\/span><\/p>\n<p>\u305d\u306e\u8ab0\u304b\u304cPOST\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3057\u305f\u5834\u5408\u3001\u7d50\u679c\u3068\u3057\u3066\u4ee5\u4e0b\u306e\u30b3\u30fc\u30c9\u306b\u305f\u3069\u308a\u7740\u304f\u3053\u3068\u306b\u306a\u308a\u307e\u3059\u3002\u4ee5\u4e0b\u30b3\u30fc\u30c9\u3067\u306f\u65b0\u3057\u3044\u30e6\u30fc\u30b6\u306e\u767b\u9332\u3092\u884c\u3063\u3066\u3044\u307e\u3059\u3002<\/p>\n<p style=\"text-align: center;\"><img width=\"734\" height=\"852\"  class=\"wp-image-99409 aligncenter lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-20.png\" srcset=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-20.png 734w, https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-20-258x300.png 258w, https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/word-image-20-370x429.png 370w\" sizes=\"(max-width: 734px) 100vw, 734px\" \/><span style=\"font-size: 10pt;\"><em>\u56f34 POST\u30ea\u30af\u30a8\u30b9\u30c8\u306e\u51e6\u7406\u30ed\u30b8\u30c3\u30af<\/em><\/span><\/p>\n<p>\u554f\u984c\u306fuser.go\u306e317\u884c\u76ee\u306b\u5b58\u5728\u3057\u307e\u3059\u3002<\/p>\n<pre><code>if err := ua.DecodeJSONReq(&user); err != nil<\/code><\/pre>\n<p>\u3053\u306e\u30b3\u30fc\u30c9\u884c\u306f\u3001POST\u30ea\u30af\u30a8\u30b9\u30c8\u304b\u3089\u30c7\u30fc\u30bf\u3092\u53d6\u5f97\u3057\u3001\u305d\u308c\u30921\u3064\u306e\u30e6\u30fc\u30b6\u30fc\u30aa\u30d6\u30b8\u30a7\u30af\u30c8\u306b\u30c7\u30b3\u30fc\u30c9\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u901a\u5e38\u306e\u30ea\u30af\u30a8\u30b9\u30c8 \u30da\u30a4\u30ed\u30fc\u30c9\u306f\u6b21\u306e\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<pre><code>{\"username\":\"test\",\"email\":\"test123@gmai.com\",\"realname\":\"no name\",\"password\":\"Password1\\u0021\",\"comment\":null}<\/code><\/pre>\n<p>\u3053\u3053\u3067\u554f\u984c\u306b\u306a\u308b\u306e\u306f\u3001\u3053\u306e\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3059\u308b\u3055\u3044\u3001\u30d1\u30e9\u30e1\u30fc\u30bf<code>has_admin_role<\/code>\u3092\u8ffd\u52a0\u3067\u304d\u3066\u3057\u307e\u3046\u3053\u3068\u3067\u3059\u3002<\/p>\n<p><code>has_admin_role<\/code>\u3092<code>true<\/code>\u306b\u8a2d\u5b9a\u3057\u3066\u540c\u3058\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3059\u308b\u3068\u3001\u4f5c\u6210\u3055\u308c\u308b\u30e6\u30fc\u30b6\u30fc\u306f\u7ba1\u7406\u8005\u306b\u306a\u308a\u307e\u3059\u3002\u3064\u307e\u308a\u3001\u60aa\u7528\u306f\u975e\u5e38\u306b\u5bb9\u6613\u3067\u3059\u3002<\/p>\n<h2>\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/h2>\n<p>\u30ea\u30af\u30a8\u30b9\u30c8 \u30dc\u30c7\u30a3\u306e<code>has_admin_role<\/code>\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u3092<code>true<\/code>\u306b\u8a2d\u5b9a\u3057\u3066\u7ba1\u7406\u8005\u6a29\u9650\u3092\u6301\u3064\u65b0\u3057\u3044\u30e6\u30fc\u30b6\u30fc\u3092\u4f5c\u6210\u3059\u308b\u305f\u3081\u3001\/api\/users \u306bPOST\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u308b\u7c21\u5358\u306aPython\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u4f5c\u6210\u3057\u307e\u3057\u305f\u3002\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u5b9f\u884c\u5f8c\u306f\u30d6\u30e9\u30a6\u30b6\u3067Harbor\u3092\u958b\u304d\u3001\u4f5c\u6210\u3057\u305f\u30e6\u30fc\u30b6\u30fc\u3068\u3057\u3066\u30b5\u30a4\u30f3\u30a4\u30f3\u3059\u308b\u3060\u3051\u3067\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f\u5b8c\u4e86\u3057\u307e\u3059\u3002<\/p>\n<h2>\u958b\u793a\u306b\u3044\u305f\u308b\u904e\u7a0b<\/h2>\n<p>\u79c1\u306f\u3053\u306e\u8106\u5f31\u6027\u306e\u5f71\u97ff\u3092\u8a55\u4fa1\u3057\u3001\u8cac\u4efb\u3042\u308b\u958b\u793a\u3092\u884c\u3046\u6e96\u5099\u3092\u6574\u3048\u307e\u3057\u305f\u3002\u305d\u306e\u9593\u306b\u3082Harbor\u306e\u30e1\u30f3\u30c6\u30ca\u4e00\u540c\u306f\u3001\u540c\u8106\u5f31\u6027\u306e\u4fee\u6b63\u3092\u542b\u3080\u30b3\u30df\u30c3\u30c8\u3092GitHub\u306emaster\u30d6\u30e9\u30f3\u30c1\u306b\u30ea\u30ea\u30fc\u30b9\u3057\u3066\u304f\u308c\u307e\u3057\u305f\u3002\u79c1\u306fHarbor\u30c1\u30fc\u30e0\u306b\u3053\u308c\u304c\u91cd\u5927\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4e0a\u306e\u8106\u5f31\u6027\u3067\u3042\u308b\u3053\u3068\u3092\u77e5\u3089\u305b\u3001CVE\u306e\u5272\u308a\u5f53\u3066\u3092\u884c\u3046\u652f\u63f4\u3092\u884c\u3044\u307e\u3057\u305f\u3002\u307e\u305f\u3067\u304d\u308b\u3060\u3051\u65e9\u304f\u65b0\u3057\u3044\u30ea\u30ea\u30fc\u30b9\u3092\u516c\u958b\u3059\u308b\u3088\u3046\u52a9\u8a00\u3057\u3001\u540c\u30c1\u30fc\u30e0\u306f\u305d\u308c\u306b\u5fdc\u3048\u308b\u5f62\u3067\u8fc5\u901f\u306b\u516c\u958b\u3092\u3057\u3066\u304f\u308c\u307e\u3057\u305f\u3002<\/p>\n<h2>\u7de9\u548c\u30fb\u56de\u907f\u7b56<\/h2>\n<p>Harbor\u30c1\u30fc\u30e0\u306f\u3001\u3053\u306e\u554f\u984c\u306b\u5bfe\u51e6\u3059\u308b\u30d1\u30c3\u30c1\u3092\u30ea\u30ea\u30fc\u30b9\u6e08\u307f\u3067\u3059\u3002\u540c\u30d1\u30c3\u30c1\u306f\u3001\u30e1\u30f3\u30c6\u30ca\u306e1\u4eba\u306b\u3088\u308b<a href=\"https:\/\/github.com\/goharbor\/harbor\/pull\/8917\">\u30d7\u30eb\u30ea\u30af\u30a8\u30b9\u30c8\u306b\u3088\u308a<\/a>\u516c\u958b\u3055\u308c\u30019\u670818\u65e5\u306b\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u305fHarbor\u30d0\u30fc\u30b8\u30e7\u30f31.7.6\u304a\u3088\u30731.8.3\u306b\u306e\u307f\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u3002\u30ea\u30ea\u30fc\u30b9\u30ce\u30fc\u30c8\u306b\u306f\u3001\u300cDisallow creating an admin user when registration\uff08\u767b\u9332\u6642\u306b\u7ba1\u7406\u30e6\u30fc\u30b6\u30fc\u306e\u4f5c\u6210\u3092\u8a31\u53ef\u3057\u306a\u3044\uff09\u300d\u3068\u3044\u3046\u8aac\u660e\u304c\u3055\u308c\u3001\u3053\u306e\u554f\u984c\u304c\u89e3\u6c7a\u3055\u308c\u305f\u3053\u3068\u304c\u8aac\u660e\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u540c\u30c1\u30fc\u30e0\u306e\u30e1\u30f3\u30c6\u30ca\u306f\u3001\u7ba1\u7406\u8005\u3067\u306f\u306a\u3044\u30e6\u30fc\u30b6\u30fc\u304c\u65b0\u3057\u304f\u7ba1\u7406\u8005\u30e6\u30fc\u30b6\u30fc\u3092\u4f5c\u6210\u3067\u304d\u306a\u3044\u3088\u3046\u306b\u3059\u308b\u30c1\u30a7\u30c3\u30af\u3092\u8ffd\u52a0\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u3053\u306e\u8106\u5f31\u6027\u306fHarbor\u306e\u30d0\u30fc\u30b8\u30e7\u30f31.7.0\u304b\u30891.8.2\u306b\u5b58\u5728\u3057\u307e\u3059\u3002\u5f53\u8a72\u8106\u5f31\u6027\u306f\u7dca\u6025\u30ec\u30d9\u30eb\u306e\u3082\u306e\u3067\u3001\u8ab0\u3067\u3042\u3063\u3066\u3082\u30ec\u30b8\u30b9\u30c8\u30ea\u306b\u5b8c\u5168\u306b\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u305f\u3081\u3001\u3059\u3079\u3066\u306e\u30e6\u30fc\u30b6\u30fc\u304c\u81ea\u8eab\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u305fHarbor\u3092\u305f\u3060\u3061\u306b\u66f4\u65b0\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002<\/p>\n<h2>\u81ea\u5206\u306e\u30ec\u30b8\u30b9\u30c8\u30ea\u304c\u5f71\u97ff\u3092\u53d7\u3051\u308b\u304b\u3069\u3046\u304b\u3092\u8abf\u3079\u308b\u306b\u306f<\/h2>\n<p>\u30d0\u30fc\u30b8\u30e7\u30f31.7.0\u304b\u30891.8.2\u306e\u53e4\u3044\u30d0\u30fc\u30b8\u30e7\u30f3\u306eHarbor\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u3092\u304a\u6301\u3061\u306e\u5834\u5408\u3001\u540c\u8106\u5f31\u6027\u306b\u3088\u308b\u5f71\u97ff\u3092\u53d7\u3051\u307e\u3059\u3002\u305f\u3060\u3061\u306b\u30d1\u30c3\u30c1\u3092\u9069\u7528\u3057\u3066\u66f4\u65b0\u3059\u308b\u304b\u3001\u5c11\u306a\u304f\u3068\u3082\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u3078\u306e\u63a5\u7d9a\u3092\u906e\u65ad\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u81ea\u8eab\u306e\u74b0\u5883\u304c\u30cf\u30c3\u30ad\u30f3\u30b0\u3055\u308c\u305f\u304b\u3069\u3046\u304b\u3092\u78ba\u8a8d\u3059\u308b\u306b\u306f\u3001Harbor\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u4e0a\u306e\u7ba1\u7406\u8005\u6a29\u9650\u3092\u6301\u3064\u898b\u899a\u3048\u306e\u306a\u3044\u30e6\u30fc\u30b6\u30fc\u306e\u6709\u7121\u3092\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\u3002\u305f\u3060\u3057\u3001\u653b\u6483\u8005\u304c\u3059\u3067\u306b\u653b\u6483\u306b\u4f7f\u7528\u3057\u305f\u30e6\u30fc\u30b6\u30fc\u3092\u524a\u9664\u6e08\u307f\u306e\u53ef\u80fd\u6027\u306f\u3042\u308a\u307e\u3059\u3002\u305d\u306e\u5834\u5408\u306f\u4fb5\u5bb3\u306e\u6709\u7121\u3092\u691c\u51fa\u3059\u308b\u306e\u306f\u96e3\u3057\u304f\u306a\u308a\u307e\u3059\u3002\u3067\u3059\u304c\u3001\u5c11\u306a\u304f\u3068\u3082\u30b9\u30dd\u30c3\u30c8\u30c1\u30a7\u30c3\u30af\u306f\u884c\u3046\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Aviv Sasson, a security researcher from the cloud division of Unit 42, has identified a critical vulnerability in a widespread cloud native registry called Harbor. The vulnerability allows attackers to take over Harbor registries by sending them a malicious request. The maintainers of Harbor released a patch that closes this critical security hole. Versions 1.7.6 and 1.8.3 include this fix. Unit 42 has found 1,300 Harbor registries open to the internet with vulnerable default settings, which are currently at risk until they\u2019re updated.<\/p>\n","protected":false},"author":324,"featured_media":99411,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[4469,4436,4428,4470],"tags":[6567,4627,6569,6570],"product_categories":[],"coauthors":[1455],"class_list":["post-99464","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-vulnerabilities","category-cloud-cybersecurity-research-ja","category-threat-research-ja","category-vulnerabilities-ja","tag-cncf-ja","tag-containers-ja","tag-cve-2019-16097-ja","tag-harbor"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.0 (Yoast SEO v27.0) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Harbor\u30b3\u30f3\u30c6\u30ca\u30ec\u30b8\u30b9\u30c8\u30ea\u306b\u7ba1\u7406\u8005\u306b\u7279\u6a29\u6607\u683c\u304c\u53ef\u80fd\u306a\u6df1\u523b\u306a\u8106\u5f31\u6027 (CVE-2019-16097)<\/title>\n<meta name=\"description\" content=\"Unit 42\u306e\u30af\u30e9\u30a6\u30c9\u90e8\u9580\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u30af\u30e9\u30a6\u30c9 \u30cd\u30a4\u30c6\u30a3\u30d6 \u30b3\u30f3\u30c6\u30ca \u30ec\u30b8\u30b9\u30c8\u30eaHarbor\u306b\u91cd\u5927\u306a\u8106\u5f31\u6027\u304c\u3042\u308b\u3053\u3068\u3092\u767a\u898b\u3057\u307e\u3057\u305f\u3002\u60aa\u610f\u306e\u3042\u308b\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3059\u308b\u3068Harbor\u30ec\u30b8\u30b9\u30c8\u30ea\u3092\u4e57\u3063\u53d6\u308b\u3053\u3068\u304c\u53ef\u80fd\u3067\u3059\u3002\u8106\u5f31\u6027\u306f\u7dca\u6025\u30ec\u30d9\u30eb\u3067\u3059\u3002\u305f\u3060\u3061\u306b\u4fee\u6b63\u7248\u3078\u66f4\u65b0\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Harbor\u30b3\u30f3\u30c6\u30ca\u30ec\u30b8\u30b9\u30c8\u30ea\u306b\u7ba1\u7406\u8005\u306b\u7279\u6a29\u6607\u683c\u304c\u53ef\u80fd\u306a\u6df1\u523b\u306a\u8106\u5f31\u6027 (CVE-2019-16097)\" \/>\n<meta property=\"og:description\" content=\"Unit 42\u306e\u30af\u30e9\u30a6\u30c9\u90e8\u9580\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u30af\u30e9\u30a6\u30c9 \u30cd\u30a4\u30c6\u30a3\u30d6 \u30b3\u30f3\u30c6\u30ca \u30ec\u30b8\u30b9\u30c8\u30eaHarbor\u306b\u91cd\u5927\u306a\u8106\u5f31\u6027\u304c\u3042\u308b\u3053\u3068\u3092\u767a\u898b\u3057\u307e\u3057\u305f\u3002\u60aa\u610f\u306e\u3042\u308b\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3059\u308b\u3068Harbor\u30ec\u30b8\u30b9\u30c8\u30ea\u3092\u4e57\u3063\u53d6\u308b\u3053\u3068\u304c\u53ef\u80fd\u3067\u3059\u3002\u8106\u5f31\u6027\u306f\u7dca\u6025\u30ec\u30d9\u30eb\u3067\u3059\u3002\u305f\u3060\u3061\u306b\u4fee\u6b63\u7248\u3078\u66f4\u65b0\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002\" \/>\n<meta property=\"og:url\" content=\"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/\" \/>\n<meta property=\"og:site_name\" content=\"Unit 42\" \/>\n<meta property=\"article:published_time\" content=\"2019-09-20T05:59:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-09-20T22:12:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/pict-for-blog-LightHouse-2-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2048\" \/>\n\t<meta property=\"og:image:height\" content=\"824\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Aviv Sasson\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Harbor\u30b3\u30f3\u30c6\u30ca\u30ec\u30b8\u30b9\u30c8\u30ea\u306b\u7ba1\u7406\u8005\u306b\u7279\u6a29\u6607\u683c\u304c\u53ef\u80fd\u306a\u6df1\u523b\u306a\u8106\u5f31\u6027 (CVE-2019-16097)\" \/>\n<meta name=\"twitter:description\" content=\"Unit 42\u306e\u30af\u30e9\u30a6\u30c9\u90e8\u9580\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u30af\u30e9\u30a6\u30c9 \u30cd\u30a4\u30c6\u30a3\u30d6 \u30b3\u30f3\u30c6\u30ca \u30ec\u30b8\u30b9\u30c8\u30eaHarbor\u306b\u91cd\u5927\u306a\u8106\u5f31\u6027\u304c\u3042\u308b\u3053\u3068\u3092\u767a\u898b\u3057\u307e\u3057\u305f\u3002\u60aa\u610f\u306e\u3042\u308b\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3059\u308b\u3068Harbor\u30ec\u30b8\u30b9\u30c8\u30ea\u3092\u4e57\u3063\u53d6\u308b\u3053\u3068\u304c\u53ef\u80fd\u3067\u3059\u3002\u8106\u5f31\u6027\u306f\u7dca\u6025\u30ec\u30d9\u30eb\u3067\u3059\u3002\u305f\u3060\u3061\u306b\u4fee\u6b63\u7248\u3078\u66f4\u65b0\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Harbor\u30b3\u30f3\u30c6\u30ca\u30ec\u30b8\u30b9\u30c8\u30ea\u306b\u7ba1\u7406\u8005\u306b\u7279\u6a29\u6607\u683c\u304c\u53ef\u80fd\u306a\u6df1\u523b\u306a\u8106\u5f31\u6027 (CVE-2019-16097)","description":"Unit 42\u306e\u30af\u30e9\u30a6\u30c9\u90e8\u9580\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u30af\u30e9\u30a6\u30c9 \u30cd\u30a4\u30c6\u30a3\u30d6 \u30b3\u30f3\u30c6\u30ca \u30ec\u30b8\u30b9\u30c8\u30eaHarbor\u306b\u91cd\u5927\u306a\u8106\u5f31\u6027\u304c\u3042\u308b\u3053\u3068\u3092\u767a\u898b\u3057\u307e\u3057\u305f\u3002\u60aa\u610f\u306e\u3042\u308b\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3059\u308b\u3068Harbor\u30ec\u30b8\u30b9\u30c8\u30ea\u3092\u4e57\u3063\u53d6\u308b\u3053\u3068\u304c\u53ef\u80fd\u3067\u3059\u3002\u8106\u5f31\u6027\u306f\u7dca\u6025\u30ec\u30d9\u30eb\u3067\u3059\u3002\u305f\u3060\u3061\u306b\u4fee\u6b63\u7248\u3078\u66f4\u65b0\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/","og_locale":"ja_JP","og_type":"article","og_title":"Harbor\u30b3\u30f3\u30c6\u30ca\u30ec\u30b8\u30b9\u30c8\u30ea\u306b\u7ba1\u7406\u8005\u306b\u7279\u6a29\u6607\u683c\u304c\u53ef\u80fd\u306a\u6df1\u523b\u306a\u8106\u5f31\u6027 (CVE-2019-16097)","og_description":"Unit 42\u306e\u30af\u30e9\u30a6\u30c9\u90e8\u9580\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u30af\u30e9\u30a6\u30c9 \u30cd\u30a4\u30c6\u30a3\u30d6 \u30b3\u30f3\u30c6\u30ca \u30ec\u30b8\u30b9\u30c8\u30eaHarbor\u306b\u91cd\u5927\u306a\u8106\u5f31\u6027\u304c\u3042\u308b\u3053\u3068\u3092\u767a\u898b\u3057\u307e\u3057\u305f\u3002\u60aa\u610f\u306e\u3042\u308b\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3059\u308b\u3068Harbor\u30ec\u30b8\u30b9\u30c8\u30ea\u3092\u4e57\u3063\u53d6\u308b\u3053\u3068\u304c\u53ef\u80fd\u3067\u3059\u3002\u8106\u5f31\u6027\u306f\u7dca\u6025\u30ec\u30d9\u30eb\u3067\u3059\u3002\u305f\u3060\u3061\u306b\u4fee\u6b63\u7248\u3078\u66f4\u65b0\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002","og_url":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/","og_site_name":"Unit 42","article_published_time":"2019-09-20T05:59:26+00:00","article_modified_time":"2019-09-20T22:12:52+00:00","og_image":[{"width":2048,"height":824,"url":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/pict-for-blog-LightHouse-2-1.png","type":"image\/png"}],"author":"Aviv Sasson","twitter_card":"summary_large_image","twitter_title":"Harbor\u30b3\u30f3\u30c6\u30ca\u30ec\u30b8\u30b9\u30c8\u30ea\u306b\u7ba1\u7406\u8005\u306b\u7279\u6a29\u6607\u683c\u304c\u53ef\u80fd\u306a\u6df1\u523b\u306a\u8106\u5f31\u6027 (CVE-2019-16097)","twitter_description":"Unit 42\u306e\u30af\u30e9\u30a6\u30c9\u90e8\u9580\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u30af\u30e9\u30a6\u30c9 \u30cd\u30a4\u30c6\u30a3\u30d6 \u30b3\u30f3\u30c6\u30ca \u30ec\u30b8\u30b9\u30c8\u30eaHarbor\u306b\u91cd\u5927\u306a\u8106\u5f31\u6027\u304c\u3042\u308b\u3053\u3068\u3092\u767a\u898b\u3057\u307e\u3057\u305f\u3002\u60aa\u610f\u306e\u3042\u308b\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3059\u308b\u3068Harbor\u30ec\u30b8\u30b9\u30c8\u30ea\u3092\u4e57\u3063\u53d6\u308b\u3053\u3068\u304c\u53ef\u80fd\u3067\u3059\u3002\u8106\u5f31\u6027\u306f\u7dca\u6025\u30ec\u30d9\u30eb\u3067\u3059\u3002\u305f\u3060\u3061\u306b\u4fee\u6b63\u7248\u3078\u66f4\u65b0\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/#article","isPartOf":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/"},"author":{"name":"Aviv Sasson","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/17875a8f2d1c5478a7560fd790943343"},"headline":"Harbor\u30b3\u30f3\u30c6\u30ca\u30ec\u30b8\u30b9\u30c8\u30ea\u306b\u7ba1\u7406\u8005\u306b\u7279\u6a29\u6607\u683c\u304c\u53ef\u80fd\u306a\u6df1\u523b\u306a\u8106\u5f31\u6027 (CVE-2019-16097)","datePublished":"2019-09-20T05:59:26+00:00","dateModified":"2019-09-20T22:12:52+00:00","mainEntityOfPage":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/"},"wordCount":74,"commentCount":0,"image":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/#primaryimage"},"thumbnailUrl":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/pict-for-blog-LightHouse-2-1.png","keywords":["CNCF","Containers","CVE-2019-16097","Harbor"],"articleSection":["Vulnerabilities","\u30af\u30e9\u30a6\u30c9 \u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 \u30ea\u30b5\u30fc\u30c1","\u8105\u5a01\u30ea\u30b5\u30fc\u30c1","\u8106\u5f31\u6027"],"inLanguage":"ja","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/","url":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/","name":"Harbor\u30b3\u30f3\u30c6\u30ca\u30ec\u30b8\u30b9\u30c8\u30ea\u306b\u7ba1\u7406\u8005\u306b\u7279\u6a29\u6607\u683c\u304c\u53ef\u80fd\u306a\u6df1\u523b\u306a\u8106\u5f31\u6027 (CVE-2019-16097)","isPartOf":{"@id":"https:\/\/unit42.paloaltonetworks.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/#primaryimage"},"image":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/#primaryimage"},"thumbnailUrl":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/pict-for-blog-LightHouse-2-1.png","datePublished":"2019-09-20T05:59:26+00:00","dateModified":"2019-09-20T22:12:52+00:00","author":{"@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/17875a8f2d1c5478a7560fd790943343"},"description":"Unit 42\u306e\u30af\u30e9\u30a6\u30c9\u90e8\u9580\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u30af\u30e9\u30a6\u30c9 \u30cd\u30a4\u30c6\u30a3\u30d6 \u30b3\u30f3\u30c6\u30ca \u30ec\u30b8\u30b9\u30c8\u30eaHarbor\u306b\u91cd\u5927\u306a\u8106\u5f31\u6027\u304c\u3042\u308b\u3053\u3068\u3092\u767a\u898b\u3057\u307e\u3057\u305f\u3002\u60aa\u610f\u306e\u3042\u308b\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3059\u308b\u3068Harbor\u30ec\u30b8\u30b9\u30c8\u30ea\u3092\u4e57\u3063\u53d6\u308b\u3053\u3068\u304c\u53ef\u80fd\u3067\u3059\u3002\u8106\u5f31\u6027\u306f\u7dca\u6025\u30ec\u30d9\u30eb\u3067\u3059\u3002\u305f\u3060\u3061\u306b\u4fee\u6b63\u7248\u3078\u66f4\u65b0\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002","breadcrumb":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/#breadcrumb"},"inLanguage":"ja","potentialAction":[{"@type":"ReadAction","target":["https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/"]}]},{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/#primaryimage","url":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/pict-for-blog-LightHouse-2-1.png","contentUrl":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/09\/pict-for-blog-LightHouse-2-1.png","width":2048,"height":824},{"@type":"BreadcrumbList","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/unit42.paloaltonetworks.com\/ja\/"},{"@type":"ListItem","position":2,"name":"Harbor\u30b3\u30f3\u30c6\u30ca\u30ec\u30b8\u30b9\u30c8\u30ea\u306b\u7ba1\u7406\u8005\u306b\u7279\u6a29\u6607\u683c\u304c\u53ef\u80fd\u306a\u6df1\u523b\u306a\u8106\u5f31\u6027 (CVE-2019-16097)"}]},{"@type":"WebSite","@id":"https:\/\/unit42.paloaltonetworks.com\/#website","url":"https:\/\/unit42.paloaltonetworks.com\/","name":"Unit 42","description":"Palo Alto Networks","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/unit42.paloaltonetworks.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ja"},{"@type":"Person","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/17875a8f2d1c5478a7560fd790943343","name":"Aviv Sasson","image":{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/image\/4ffb3c2d260a0150fb91b3715442f8b3","url":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2018\/11\/unit-news-meta.svg","contentUrl":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2018\/11\/unit-news-meta.svg","caption":"Aviv Sasson"},"url":"https:\/\/unit42.paloaltonetworks.com\/ja\/author\/aviv-sasson\/"}]}},"_links":{"self":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/99464","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/users\/324"}],"replies":[{"embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/comments?post=99464"}],"version-history":[{"count":6,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/99464\/revisions"}],"predecessor-version":[{"id":99481,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/99464\/revisions\/99481"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/media\/99411"}],"wp:attachment":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/media?parent=99464"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/categories?post=99464"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/tags?post=99464"},{"taxonomy":"product_categories","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/product_categories?post=99464"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/coauthors?post=99464"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}