Vulnerability in D2iQ, Inc. DC/OS Marathon

CVE-2017-20198

The Marathon UI in DC/OS < 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem (/) wi…

EPSS: 0.730 (98.8th percentile)

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2017-20198?
CVE-2017-20198 is a vulnerability in D2iQ, Inc. DC/OS Marathon, classified under Incorrect Permission Assignment for Critical Resource. Published 2025-07-23.

Is CVE-2017-20198 known to be exploited?
1 public proof-of-concept repository is indexed. Not currently listed in the CISA KEV catalog.