wiz-sec / open-cvdb

An open project to list all publicly known cloud vulnerabilities and CSP security issues
https://cloudvulndb.org
Creative Commons Attribution 4.0 International

[Contribution] RCE on Apigee API proxies #237

Closed korniko98 closed 11 months ago

korniko98 commented 11 months ago

Summary (give a brief description of the issue)

The researcher managed to gain root privileges in an Apigee instance, but Google responded to the bug report saying that the code execution was sandboxed, so there seems to be no impact and therefore I'm creating an issue just so we have a record of this.

References (provide links to blogposts, etc.)

https://omespino.com/write-up-google-vrp-n-a-sandboxed-rce-as-root-on-apigee-api-proxies/