AuthZ bypass and privilege escalation: An attacker could exploit a bypass using an API request with Content-Length set to 0, causing the Docker daemon to forward the request without the body to the AuthZ plugin, which might approve the request incorrectly if not set to deny by default.

Aria Suite Lifecycle 8.x

The Aria Suite Lifecycle is not affected by CVE-2024-41110 because it does not utilize Docker features. This vulnerability specifically targets the Docker AuthZ plugin, which is not a component within the Aria Suite Lifecycle architecture. As a result, the potential for unauthorized access and privilege escalation outlined in the CVE does not apply to this VMware product.