cve-2018-15514
Vulnerability from cvelistv5
Published
2018-09-01 01:00
Modified
2024-08-05 09:54
Severity ?
Summary
HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users" group (who may not otherwise have administrator access) to escalate to administrator privileges.
References
cve@mitre.orghttp://www.securityfocus.com/bid/105202Third Party Advisory, VDB Entry
cve@mitre.orghttps://docs.docker.com/docker-for-windows/edge-release-notes/Vendor Advisory
cve@mitre.orghttps://docs.docker.com/docker-for-windows/release-notes/Vendor Advisory
cve@mitre.orghttps://srcincite.io/blog/2018/08/31/you-cant-contain-me-analyzing-and-exploiting-an-elevation-of-privilege-in-docker-for-windows.htmlExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/105202Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://docs.docker.com/docker-for-windows/edge-release-notes/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://docs.docker.com/docker-for-windows/release-notes/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://srcincite.io/blog/2018/08/31/you-cant-contain-me-analyzing-and-exploiting-an-elevation-of-privilege-in-docker-for-windows.htmlExploit, Third Party Advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:03.679Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://srcincite.io/blog/2018/08/31/you-cant-contain-me-analyzing-and-exploiting-an-elevation-of-privilege-in-docker-for-windows.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://docs.docker.com/docker-for-windows/release-notes/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://docs.docker.com/docker-for-windows/edge-release-notes/"
          },
          {
            "name": "105202",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105202"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-08-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\\\.\\pipe\\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the \"docker-users\" group (who may not otherwise have administrator access) to escalate to administrator privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-09-05T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://srcincite.io/blog/2018/08/31/you-cant-contain-me-analyzing-and-exploiting-an-elevation-of-privilege-in-docker-for-windows.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://docs.docker.com/docker-for-windows/release-notes/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://docs.docker.com/docker-for-windows/edge-release-notes/"
        },
        {
          "name": "105202",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105202"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-15514",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\\\.\\pipe\\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the \"docker-users\" group (who may not otherwise have administrator access) to escalate to administrator privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://srcincite.io/blog/2018/08/31/you-cant-contain-me-analyzing-and-exploiting-an-elevation-of-privilege-in-docker-for-windows.html",
              "refsource": "MISC",
              "url": "https://srcincite.io/blog/2018/08/31/you-cant-contain-me-analyzing-and-exploiting-an-elevation-of-privilege-in-docker-for-windows.html"
            },
            {
              "name": "https://docs.docker.com/docker-for-windows/release-notes/",
              "refsource": "MISC",
              "url": "https://docs.docker.com/docker-for-windows/release-notes/"
            },
            {
              "name": "https://docs.docker.com/docker-for-windows/edge-release-notes/",
              "refsource": "MISC",
              "url": "https://docs.docker.com/docker-for-windows/edge-release-notes/"
            },
            {
              "name": "105202",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105202"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-15514",
    "datePublished": "2018-09-01T01:00:00",
    "dateReserved": "2018-08-18T00:00:00",
    "dateUpdated": "2024-08-05T09:54:03.679Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.10.0.0-0:*:*:*:community:windows:*:*\", \"matchCriteriaId\": \"75EE0C09-2480-49C2-82CF-CFE415EA1D46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.10.1.42-1:*:*:*:community:windows:*:*\", \"matchCriteriaId\": \"C64BD778-32B2-48A7-A60E-B40632071A3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.10.2.12:*:*:*:community:windows:*:*\", \"matchCriteriaId\": \"F0C1D108-3116-4760-B60A-29B0AC5DDD9F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.10.2.14:*:*:*:community:windows:*:*\", \"matchCriteriaId\": \"F8A5EFD1-686B-45EE-8486-379BE11BF3F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.10.4.0:*:*:*:community:windows:*:*\", \"matchCriteriaId\": \"C941DFFA-E63E-4C1E-944E-5145BE8520A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.10.6:*:*:*:community:windows:*:*\", \"matchCriteriaId\": \"ED4DAF79-618F-414E-BA01-49E6A559CF50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.11.0:*:*:*:community:windows:*:*\", \"matchCriteriaId\": \"7773B0DB-BC39-402E-BECC-7E5D60C05212\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.11.0:beta10:*:*:community:windows:*:*\", \"matchCriteriaId\": \"BB8D95B4-919C-44C6-BD5F-1C074C03C806\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.11.0:beta7:*:*:community:windows:*:*\", \"matchCriteriaId\": \"3F354463-E70D-4EC2-BA5F-0260E46EA849\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.11.0:beta8:*:*:community:windows:*:*\", \"matchCriteriaId\": \"F4BEB0C7-CC5C-4064-8048-2F3E82BE49AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.11.0:beta9:*:*:community:windows:*:*\", \"matchCriteriaId\": \"EAFFE22E-C685-4E4B-8A52-338896CE54BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.11.1:beta11:*:*:community:windows:*:*\", \"matchCriteriaId\": \"5A22BE8E-99A1-4E35-A9F5-39CACE1B6040\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.11.1:beta11b:*:*:community:windows:*:*\", \"matchCriteriaId\": \"621EBA1C-6209-458F-8518-C93A727CE60F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.11.1:beta12:*:*:community:windows:*:*\", \"matchCriteriaId\": \"B2E93E38-3E5F-4174-A823-DD788D4A1829\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.11.1:beta13:*:*:community:windows:*:*\", \"matchCriteriaId\": \"9D2D3C31-F2DB-47C1-9341-E64011D86661\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.11.1:beta14:*:*:community:windows:*:*\", \"matchCriteriaId\": \"81A2DB95-E0D9-4D33-A39E-C351D975F1B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.11.2:beta15:*:*:community:windows:*:*\", \"matchCriteriaId\": \"8B0A4AEE-7EE9-44B1-9AAE-D3DFACD8F98E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.0:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"075C09B5-FE9E-44C0-AFD4-B2BDCE2FDAA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.0:beta21:*:*:community:windows:*:*\", \"matchCriteriaId\": \"F6663998-DBE2-49B8-9636-8F4BBCFC3DBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.0:beta22:*:*:community:windows:*:*\", \"matchCriteriaId\": \"93EDCD8A-0432-4BF9-868E-FA9074060EC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.0:rc2-beta16:*:*:community:windows:*:*\", \"matchCriteriaId\": \"B1CAD773-44AF-40AC-B65D-97F3A0689FAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.0:rc2-beta17:*:*:community:windows:*:*\", \"matchCriteriaId\": \"A52E65C6-7DB4-468D-B91F-654BFDE9C3C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.0:rc3-beta18:*:*:community:windows:*:*\", \"matchCriteriaId\": \"06F89D97-7665-433B-B25F-F66FE23B6AEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.0:rc3-beta18.1:*:*:community:windows:*:*\", \"matchCriteriaId\": \"881FB068-8B13-4585-A718-3BFF119A0934\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.0:rc4-beta19:*:*:community:windows:*:*\", \"matchCriteriaId\": \"C901FDA8-23BF-40E3-9427-AC8B40145F18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.0:rc4-beta20:*:*:community:windows:*:*\", \"matchCriteriaId\": \"59DD40E5-C7EE-4D7D-B551-2EE7F52CDFDD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.1:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"3A24BD65-38A7-46E4-8482-0947BD58757E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.1:beta24:*:*:community:windows:*:*\", \"matchCriteriaId\": \"8778CDA0-4018-4AF9-996C-3EB8EDD7DC0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.1:beta25:*:*:community:windows:*:*\", \"matchCriteriaId\": \"514E870E-47BA-44C9-9E32-731D9F69C4F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.1:beta26:*:*:community:windows:*:*\", \"matchCriteriaId\": \"E1971949-CA54-4E81-B355-10717F0C0CD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.1:beta29.1:*:*:community:windows:*:*\", \"matchCriteriaId\": \"A032102B-84D1-408D-838B-E38574AF5514\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.1:rc1-beta23:*:*:community:windows:*:*\", \"matchCriteriaId\": \"4067DC55-E422-4E39-AF38-0F006098F349\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.2:beta29.2:*:*:community:windows:*:*\", \"matchCriteriaId\": \"27616814-A5AB-44F2-92E9-0FF11F859B2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.2:rc1-beta27:*:*:community:windows:*:*\", \"matchCriteriaId\": \"A246673D-ADFB-459B-BCB6-002EE99A5077\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.2:rc3-beta28:*:*:community:windows:*:*\", \"matchCriteriaId\": \"7CEE20EA-A79A-46A0-B127-6AA3AFE8776C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.3:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"1565619C-D6CD-4446-8D42-7845E11F903F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.3:beta29.3:*:*:community:windows:*:*\", \"matchCriteriaId\": \"53B50673-0CCE-4A1D-BAC9-464AA3C4C792\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.3:beta30:*:*:community:windows:*:*\", \"matchCriteriaId\": \"14D7FA2B-FE02-4BFA-90FC-B5349D0D0490\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.3:rc1-beta29:*:*:community:windows:*:*\", \"matchCriteriaId\": \"2C172802-03EA-4AE0-B570-151ABB0E8266\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.12.5:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"5CE4B770-DFC9-422D-8CFD-F899DD32D142\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.0:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"ABBD2ACE-307E-4021-9165-2560658643F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.0:beta38:*:*:community:windows:*:*\", \"matchCriteriaId\": \"28B27B5C-FC2E-4D5F-AD80-6DC1512737C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.0:beta39:*:*:community:windows:*:*\", \"matchCriteriaId\": \"D4C45FBD-DDC5-4D5E-B685-BC875C1123DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.0:rc2-beta31:*:*:community:windows:*:*\", \"matchCriteriaId\": \"63149AFC-FF10-4891-9FF7-5E29BED332FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.0:rc3-beta32:*:*:community:windows:*:*\", \"matchCriteriaId\": \"80504172-D891-46ED-968B-15A16851E055\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.0:rc3-beta32.1:*:*:community:windows:*:*\", \"matchCriteriaId\": \"3DDB7AD7-13A8-4406-AAF6-04335C8EC9D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.0:rc3-beta33:*:*:community:windows:*:*\", \"matchCriteriaId\": \"6E3EA94A-E759-4D09-AE37-4285E7DB625E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.0:rc4-beta34:*:*:community:windows:*:*\", \"matchCriteriaId\": \"42C702B0-4C6D-4595-921D-6F8444BDD27D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.0:rc5-beta35:*:*:community:windows:*:*\", \"matchCriteriaId\": \"8DC93CDE-EA4C-46C3-BCEF-5853F891AD71\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.0:rc6-beta36:*:*:community:windows:*:*\", \"matchCriteriaId\": \"928B8913-9E02-4EC4-9D95-C94848828C07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.0:rc7-beta37:*:*:community:windows:*:*\", \"matchCriteriaId\": \"77E37EC4-EB4D-48ED-8B2A-C86506D121CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.1:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"1BF8ED77-6AB6-49C0-B456-0672F0007C6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.1:rc1-beta40:*:*:community:windows:*:*\", \"matchCriteriaId\": \"AAF125E9-74FE-4C4F-862E-F85075CAC778\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:1.13.1:rc2-beta41:*:*:community:windows:*:*\", \"matchCriteriaId\": \"B012C23D-DA07-466D-83BE-E96207646033\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.0.4:win7:*:*:community:windows:*:*\", \"matchCriteriaId\": \"6AB3E159-4585-4BA8-B3F0-1C34656DBF7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.0.5:win9:*:*:community:windows:*:*\", \"matchCriteriaId\": \"7ACFEE15-EE8A-4C9A-826E-30D7F97071C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.03.0:*:*:*:community:windows:*:*\", \"matchCriteriaId\": \"516BBB86-054E-49DF-8DDC-CE74639DDD12\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.03.0:rc1-win1:*:*:community:windows:*:*\", \"matchCriteriaId\": \"564BCCEC-E6D8-4B5D-A6E4-876D3F671851\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.03.1:win12:*:*:community:windows:*:*\", \"matchCriteriaId\": \"DD07550E-3155-475B-8152-2A7256F9BF74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.04.0:win6:*:*:community:windows:*:*\", \"matchCriteriaId\": \"D98B4755-468F-45C4-91C6-CCA87A218F23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.06.0:win13:*:*:community:windows:*:*\", \"matchCriteriaId\": \"ED89DFDA-30CC-4835-A249-684DF582C5CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.06.0:win14:*:*:community:windows:*:*\", \"matchCriteriaId\": \"60CFB208-6C04-4412-B45F-55DF1AEF911B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.06.0:win15:*:*:community:windows:*:*\", \"matchCriteriaId\": \"B192ABF5-8FF4-47AF-9D6B-F87D44F2AB71\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.06.0:win16:*:*:community:windows:*:*\", \"matchCriteriaId\": \"05C9D372-2016-4209-95EF-B878D12B6135\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.06.0:win17:*:*:community:windows:*:*\", \"matchCriteriaId\": \"A6ADB083-FD23-4A7F-B1C8-37F6A7B242E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.06.0:win18:*:*:community:windows:*:*\", \"matchCriteriaId\": \"E3AFEDA5-18A0-4282-A167-B1A89E507D49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.06.1:rc1-win20:*:*:community:windows:*:*\", \"matchCriteriaId\": \"5EEAE95B-3992-48B2-9948-4BB67BE23C40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.06.1:rc1-win24:*:*:community:windows:*:*\", \"matchCriteriaId\": \"4CA3DF3A-9460-4F94-A1C8-6266110ACEB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.06.2:win27:*:*:community:windows:*:*\", \"matchCriteriaId\": \"D4CE903B-BB7C-4E12-A876-CBE7A0CFB8EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.07.0:rc1-win21:*:*:community:windows:*:*\", \"matchCriteriaId\": \"9A6DDBBE-813B-4834-819C-3C10A0E6D27E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.07.0:rc2-win22:*:*:community:windows:*:*\", \"matchCriteriaId\": \"FD578365-B1F2-4206-90D5-204DCA0C3C96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.07.0:rc3-win23:*:*:community:windows:*:*\", \"matchCriteriaId\": \"5F8F7EA2-1629-445C-8C84-729F61E6AF47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.07.0:rc4-win25:*:*:community:windows:*:*\", \"matchCriteriaId\": \"D62A6E93-EF27-4AAF-9A9A-D0359D16D251\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.07.0:win26:*:*:community:windows:*:*\", \"matchCriteriaId\": \"061988B5-5AB9-43C8-9FAB-DDB0E4FD3939\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.09.0:rc1-win28:*:*:community:windows:*:*\", \"matchCriteriaId\": \"0DBC9ED8-F35B-4166-9CC1-6EC98BBCA934\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.09.0:rc2-win29:*:*:community:windows:*:*\", \"matchCriteriaId\": \"B8C2214C-0501-4599-A87C-00761AA74D6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.09.0:rc3-win30:*:*:community:windows:*:*\", \"matchCriteriaId\": \"333C132D-5428-4D7F-A45A-003E3FE8B759\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.09.0:win31:*:*:community:windows:*:*\", \"matchCriteriaId\": \"25C1E065-84AB-4869-AF39-70FD9D56B25B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.09.0:win32:*:*:community:windows:*:*\", \"matchCriteriaId\": \"00364002-CD94-4836-99DD-1DCEBCAE5366\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.09.0:win33:*:*:community:windows:*:*\", \"matchCriteriaId\": \"8F4ED954-7BBD-4748-8E7A-87AC736CF915\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.09.0:win34:*:*:community:windows:*:*\", \"matchCriteriaId\": \"C6B34836-13CE-4C80-BBE4-00BF192FB62E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.09.1:win42:*:*:community:windows:*:*\", \"matchCriteriaId\": \"EA48FE95-EC6E-412E-B39B-AA069EBDC6A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.10.0:win36:*:*:community:windows:*:*\", \"matchCriteriaId\": \"9E2EAFA5-AE2C-40F3-8C77-3488A90F3C7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.11.0:rc2-win37:*:*:community:windows:*:*\", \"matchCriteriaId\": \"5EDF8C69-CA99-4013-85E4-3B0B83C66756\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.11.0:rc3-win38:*:*:community:windows:*:*\", \"matchCriteriaId\": \"3E656584-3B8E-4C45-81F6-A6A9228D1A13\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.11.0:rc4-win39:*:*:community:windows:*:*\", \"matchCriteriaId\": \"01449C91-E503-447B-B692-B1B79E15DF6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.11.0:win40:*:*:community:windows:*:*\", \"matchCriteriaId\": \"DC81DD87-91FF-4A2B-B0FA-8C5E9FE972FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.12.0:rc2-win41:*:*:community:windows:*:*\", \"matchCriteriaId\": \"906378CF-358A-45D0-ACA4-91B92668DA0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.12.0:rc3-win43:*:*:community:windows:*:*\", \"matchCriteriaId\": \"47BD87E0-2D15-4BCA-8834-E7E8FEA84AF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.12.0:rc4-win44:*:*:community:windows:*:*\", \"matchCriteriaId\": \"CBC1A03F-7B4A-49A7-BD97-DB0CCD3DE1DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.12.0:win45:*:*:community:windows:*:*\", \"matchCriteriaId\": \"5EFECB02-3416-462F-8D59-13C1A1E301DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.12.0:win46:*:*:community:windows:*:*\", \"matchCriteriaId\": \"CD3A423E-3900-410E-A4E9-E4FC0571732C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:17.12.0:win47:*:*:community:windows:*:*\", \"matchCriteriaId\": \"EF28F00E-801C-47C5-B4F2-C8C37D6DF9BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:18.01.0:win48:*:*:community:windows:*:*\", \"matchCriteriaId\": \"FBA4C9AD-F692-4130-8968-B1C67C76C666\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:18.02.0:rc1-win50:*:*:community:windows:*:*\", \"matchCriteriaId\": \"D158838B-15AD-4BFE-A6D8-E6980337BEE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:18.02.0:rc2-win51:*:*:community:windows:*:*\", \"matchCriteriaId\": \"3CD92CB8-6369-4212-8BEB-0395A9FB9115\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:18.02.0:win52:*:*:community:windows:*:*\", \"matchCriteriaId\": \"E1EAC1F9-0A84-4FD6-B552-87BA9020257C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:18.03.0:rc3-win56:*:*:community:windows:*:*\", \"matchCriteriaId\": \"E60F90BB-A3DD-47C0-8F7E-BAD8045331B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:18.03.0:win58:*:*:community:windows:*:*\", \"matchCriteriaId\": \"4B35132A-1955-49E9-A336-5C9390B51A84\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:18.03.0:win59:*:*:community:windows:*:*\", \"matchCriteriaId\": \"F143F995-DB17-40F6-9797-39A9CBFC487E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:18.03.1:win65:*:*:community:windows:*:*\", \"matchCriteriaId\": \"C824F3F5-1DD6-4DE9-ADE0-3F677EFD75F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:18.04.0:rc2-win61:*:*:community:windows:*:*\", \"matchCriteriaId\": \"56D08EEE-6A53-4D9D-BDAD-308B980E3529\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:18.05.0:rc1-win63:*:*:community:windows:*:*\", \"matchCriteriaId\": \"C20F89FB-C503-4EB1-8786-8E32EF0F6717\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:docker:docker:18.05.0:win66:*:*:community:windows:*:*\", \"matchCriteriaId\": \"A92250A7-C706-43AC-A74B-0D6E7730742A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\\\\\\\.\\\\pipe\\\\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the \\\"docker-users\\\" group (who may not otherwise have administrator access) to escalate to administrator privileges.\"}, {\"lang\": \"es\", \"value\": \"HandleRequestAsync en Docker para Windows en versiones anteriores a la 18.06.0-ce-rc3-win68 (edge) y anteriores a la 18.06.0-ce-win72 (estable) deserializaba peticiones a trav\\u00e9s de la tuber\\u00eda nombrada \\\\\\\\.\\\\pipe\\\\dockerBackend sin verificar la validez de los objetos .NET deserializados. Esto permitir\\u00eda que un usuario malicioso en el grupo \\\"docker-users\\\" (que, de otra forma, podr\\u00eda no tener acceso de administrador) escale sus privilegios a nivel de administrador.\"}]",
      "id": "CVE-2018-15514",
      "lastModified": "2024-11-21T03:50:59.077",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-09-01T01:29:00.233",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/105202\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://docs.docker.com/docker-for-windows/edge-release-notes/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://docs.docker.com/docker-for-windows/release-notes/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://srcincite.io/blog/2018/08/31/you-cant-contain-me-analyzing-and-exploiting-an-elevation-of-privilege-in-docker-for-windows.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/105202\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://docs.docker.com/docker-for-windows/edge-release-notes/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://docs.docker.com/docker-for-windows/release-notes/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://srcincite.io/blog/2018/08/31/you-cant-contain-me-analyzing-and-exploiting-an-elevation-of-privilege-in-docker-for-windows.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-15514\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-09-01T01:29:00.233\",\"lastModified\":\"2024-11-21T03:50:59.077\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\\\\\\\.\\\\pipe\\\\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the \\\"docker-users\\\" group (who may not otherwise have administrator access) to escalate to administrator privileges.\"},{\"lang\":\"es\",\"value\":\"HandleRequestAsync en Docker para Windows en versiones anteriores a la 18.06.0-ce-rc3-win68 (edge) y anteriores a la 18.06.0-ce-win72 (estable) deserializaba peticiones a trav\u00e9s de la tuber\u00eda nombrada \\\\\\\\.\\\\pipe\\\\dockerBackend sin verificar la validez de los objetos .NET deserializados. Esto permitir\u00eda que un usuario malicioso en el grupo \\\"docker-users\\\" (que, de otra forma, podr\u00eda no tener acceso de administrador) escale sus privilegios a nivel de administrador.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.10.0.0-0:*:*:*:community:windows:*:*\",\"matchCriteriaId\":\"75EE0C09-2480-49C2-82CF-CFE415EA1D46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.10.1.42-1:*:*:*:community:windows:*:*\",\"matchCriteriaId\":\"C64BD778-32B2-48A7-A60E-B40632071A3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.10.2.12:*:*:*:community:windows:*:*\",\"matchCriteriaId\":\"F0C1D108-3116-4760-B60A-29B0AC5DDD9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.10.2.14:*:*:*:community:windows:*:*\",\"matchCriteriaId\":\"F8A5EFD1-686B-45EE-8486-379BE11BF3F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.10.4.0:*:*:*:community:windows:*:*\",\"matchCriteriaId\":\"C941DFFA-E63E-4C1E-944E-5145BE8520A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.10.6:*:*:*:community:windows:*:*\",\"matchCriteriaId\":\"ED4DAF79-618F-414E-BA01-49E6A559CF50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.11.0:*:*:*:community:windows:*:*\",\"matchCriteriaId\":\"7773B0DB-BC39-402E-BECC-7E5D60C05212\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.11.0:beta10:*:*:community:windows:*:*\",\"matchCriteriaId\":\"BB8D95B4-919C-44C6-BD5F-1C074C03C806\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.11.0:beta7:*:*:community:windows:*:*\",\"matchCriteriaId\":\"3F354463-E70D-4EC2-BA5F-0260E46EA849\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.11.0:beta8:*:*:community:windows:*:*\",\"matchCriteriaId\":\"F4BEB0C7-CC5C-4064-8048-2F3E82BE49AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.11.0:beta9:*:*:community:windows:*:*\",\"matchCriteriaId\":\"EAFFE22E-C685-4E4B-8A52-338896CE54BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.11.1:beta11:*:*:community:windows:*:*\",\"matchCriteriaId\":\"5A22BE8E-99A1-4E35-A9F5-39CACE1B6040\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.11.1:beta11b:*:*:community:windows:*:*\",\"matchCriteriaId\":\"621EBA1C-6209-458F-8518-C93A727CE60F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.11.1:beta12:*:*:community:windows:*:*\",\"matchCriteriaId\":\"B2E93E38-3E5F-4174-A823-DD788D4A1829\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.11.1:beta13:*:*:community:windows:*:*\",\"matchCriteriaId\":\"9D2D3C31-F2DB-47C1-9341-E64011D86661\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.11.1:beta14:*:*:community:windows:*:*\",\"matchCriteriaId\":\"81A2DB95-E0D9-4D33-A39E-C351D975F1B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.11.2:beta15:*:*:community:windows:*:*\",\"matchCriteriaId\":\"8B0A4AEE-7EE9-44B1-9AAE-D3DFACD8F98E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.0:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"075C09B5-FE9E-44C0-AFD4-B2BDCE2FDAA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.0:beta21:*:*:community:windows:*:*\",\"matchCriteriaId\":\"F6663998-DBE2-49B8-9636-8F4BBCFC3DBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.0:beta22:*:*:community:windows:*:*\",\"matchCriteriaId\":\"93EDCD8A-0432-4BF9-868E-FA9074060EC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.0:rc2-beta16:*:*:community:windows:*:*\",\"matchCriteriaId\":\"B1CAD773-44AF-40AC-B65D-97F3A0689FAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.0:rc2-beta17:*:*:community:windows:*:*\",\"matchCriteriaId\":\"A52E65C6-7DB4-468D-B91F-654BFDE9C3C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.0:rc3-beta18:*:*:community:windows:*:*\",\"matchCriteriaId\":\"06F89D97-7665-433B-B25F-F66FE23B6AEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.0:rc3-beta18.1:*:*:community:windows:*:*\",\"matchCriteriaId\":\"881FB068-8B13-4585-A718-3BFF119A0934\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.0:rc4-beta19:*:*:community:windows:*:*\",\"matchCriteriaId\":\"C901FDA8-23BF-40E3-9427-AC8B40145F18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.0:rc4-beta20:*:*:community:windows:*:*\",\"matchCriteriaId\":\"59DD40E5-C7EE-4D7D-B551-2EE7F52CDFDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.1:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"3A24BD65-38A7-46E4-8482-0947BD58757E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.1:beta24:*:*:community:windows:*:*\",\"matchCriteriaId\":\"8778CDA0-4018-4AF9-996C-3EB8EDD7DC0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.1:beta25:*:*:community:windows:*:*\",\"matchCriteriaId\":\"514E870E-47BA-44C9-9E32-731D9F69C4F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.1:beta26:*:*:community:windows:*:*\",\"matchCriteriaId\":\"E1971949-CA54-4E81-B355-10717F0C0CD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.1:beta29.1:*:*:community:windows:*:*\",\"matchCriteriaId\":\"A032102B-84D1-408D-838B-E38574AF5514\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.1:rc1-beta23:*:*:community:windows:*:*\",\"matchCriteriaId\":\"4067DC55-E422-4E39-AF38-0F006098F349\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.2:beta29.2:*:*:community:windows:*:*\",\"matchCriteriaId\":\"27616814-A5AB-44F2-92E9-0FF11F859B2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.2:rc1-beta27:*:*:community:windows:*:*\",\"matchCriteriaId\":\"A246673D-ADFB-459B-BCB6-002EE99A5077\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.2:rc3-beta28:*:*:community:windows:*:*\",\"matchCriteriaId\":\"7CEE20EA-A79A-46A0-B127-6AA3AFE8776C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.3:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"1565619C-D6CD-4446-8D42-7845E11F903F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.3:beta29.3:*:*:community:windows:*:*\",\"matchCriteriaId\":\"53B50673-0CCE-4A1D-BAC9-464AA3C4C792\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.3:beta30:*:*:community:windows:*:*\",\"matchCriteriaId\":\"14D7FA2B-FE02-4BFA-90FC-B5349D0D0490\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.3:rc1-beta29:*:*:community:windows:*:*\",\"matchCriteriaId\":\"2C172802-03EA-4AE0-B570-151ABB0E8266\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.12.5:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"5CE4B770-DFC9-422D-8CFD-F899DD32D142\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.0:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"ABBD2ACE-307E-4021-9165-2560658643F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.0:beta38:*:*:community:windows:*:*\",\"matchCriteriaId\":\"28B27B5C-FC2E-4D5F-AD80-6DC1512737C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.0:beta39:*:*:community:windows:*:*\",\"matchCriteriaId\":\"D4C45FBD-DDC5-4D5E-B685-BC875C1123DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.0:rc2-beta31:*:*:community:windows:*:*\",\"matchCriteriaId\":\"63149AFC-FF10-4891-9FF7-5E29BED332FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.0:rc3-beta32:*:*:community:windows:*:*\",\"matchCriteriaId\":\"80504172-D891-46ED-968B-15A16851E055\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.0:rc3-beta32.1:*:*:community:windows:*:*\",\"matchCriteriaId\":\"3DDB7AD7-13A8-4406-AAF6-04335C8EC9D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.0:rc3-beta33:*:*:community:windows:*:*\",\"matchCriteriaId\":\"6E3EA94A-E759-4D09-AE37-4285E7DB625E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.0:rc4-beta34:*:*:community:windows:*:*\",\"matchCriteriaId\":\"42C702B0-4C6D-4595-921D-6F8444BDD27D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.0:rc5-beta35:*:*:community:windows:*:*\",\"matchCriteriaId\":\"8DC93CDE-EA4C-46C3-BCEF-5853F891AD71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.0:rc6-beta36:*:*:community:windows:*:*\",\"matchCriteriaId\":\"928B8913-9E02-4EC4-9D95-C94848828C07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.0:rc7-beta37:*:*:community:windows:*:*\",\"matchCriteriaId\":\"77E37EC4-EB4D-48ED-8B2A-C86506D121CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.1:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"1BF8ED77-6AB6-49C0-B456-0672F0007C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.1:rc1-beta40:*:*:community:windows:*:*\",\"matchCriteriaId\":\"AAF125E9-74FE-4C4F-862E-F85075CAC778\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:1.13.1:rc2-beta41:*:*:community:windows:*:*\",\"matchCriteriaId\":\"B012C23D-DA07-466D-83BE-E96207646033\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.0.4:win7:*:*:community:windows:*:*\",\"matchCriteriaId\":\"6AB3E159-4585-4BA8-B3F0-1C34656DBF7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.0.5:win9:*:*:community:windows:*:*\",\"matchCriteriaId\":\"7ACFEE15-EE8A-4C9A-826E-30D7F97071C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.03.0:*:*:*:community:windows:*:*\",\"matchCriteriaId\":\"516BBB86-054E-49DF-8DDC-CE74639DDD12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.03.0:rc1-win1:*:*:community:windows:*:*\",\"matchCriteriaId\":\"564BCCEC-E6D8-4B5D-A6E4-876D3F671851\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.03.1:win12:*:*:community:windows:*:*\",\"matchCriteriaId\":\"DD07550E-3155-475B-8152-2A7256F9BF74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.04.0:win6:*:*:community:windows:*:*\",\"matchCriteriaId\":\"D98B4755-468F-45C4-91C6-CCA87A218F23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.06.0:win13:*:*:community:windows:*:*\",\"matchCriteriaId\":\"ED89DFDA-30CC-4835-A249-684DF582C5CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.06.0:win14:*:*:community:windows:*:*\",\"matchCriteriaId\":\"60CFB208-6C04-4412-B45F-55DF1AEF911B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.06.0:win15:*:*:community:windows:*:*\",\"matchCriteriaId\":\"B192ABF5-8FF4-47AF-9D6B-F87D44F2AB71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.06.0:win16:*:*:community:windows:*:*\",\"matchCriteriaId\":\"05C9D372-2016-4209-95EF-B878D12B6135\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.06.0:win17:*:*:community:windows:*:*\",\"matchCriteriaId\":\"A6ADB083-FD23-4A7F-B1C8-37F6A7B242E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.06.0:win18:*:*:community:windows:*:*\",\"matchCriteriaId\":\"E3AFEDA5-18A0-4282-A167-B1A89E507D49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.06.1:rc1-win20:*:*:community:windows:*:*\",\"matchCriteriaId\":\"5EEAE95B-3992-48B2-9948-4BB67BE23C40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.06.1:rc1-win24:*:*:community:windows:*:*\",\"matchCriteriaId\":\"4CA3DF3A-9460-4F94-A1C8-6266110ACEB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.06.2:win27:*:*:community:windows:*:*\",\"matchCriteriaId\":\"D4CE903B-BB7C-4E12-A876-CBE7A0CFB8EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.07.0:rc1-win21:*:*:community:windows:*:*\",\"matchCriteriaId\":\"9A6DDBBE-813B-4834-819C-3C10A0E6D27E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.07.0:rc2-win22:*:*:community:windows:*:*\",\"matchCriteriaId\":\"FD578365-B1F2-4206-90D5-204DCA0C3C96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.07.0:rc3-win23:*:*:community:windows:*:*\",\"matchCriteriaId\":\"5F8F7EA2-1629-445C-8C84-729F61E6AF47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.07.0:rc4-win25:*:*:community:windows:*:*\",\"matchCriteriaId\":\"D62A6E93-EF27-4AAF-9A9A-D0359D16D251\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.07.0:win26:*:*:community:windows:*:*\",\"matchCriteriaId\":\"061988B5-5AB9-43C8-9FAB-DDB0E4FD3939\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.09.0:rc1-win28:*:*:community:windows:*:*\",\"matchCriteriaId\":\"0DBC9ED8-F35B-4166-9CC1-6EC98BBCA934\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.09.0:rc2-win29:*:*:community:windows:*:*\",\"matchCriteriaId\":\"B8C2214C-0501-4599-A87C-00761AA74D6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.09.0:rc3-win30:*:*:community:windows:*:*\",\"matchCriteriaId\":\"333C132D-5428-4D7F-A45A-003E3FE8B759\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.09.0:win31:*:*:community:windows:*:*\",\"matchCriteriaId\":\"25C1E065-84AB-4869-AF39-70FD9D56B25B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.09.0:win32:*:*:community:windows:*:*\",\"matchCriteriaId\":\"00364002-CD94-4836-99DD-1DCEBCAE5366\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.09.0:win33:*:*:community:windows:*:*\",\"matchCriteriaId\":\"8F4ED954-7BBD-4748-8E7A-87AC736CF915\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.09.0:win34:*:*:community:windows:*:*\",\"matchCriteriaId\":\"C6B34836-13CE-4C80-BBE4-00BF192FB62E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.09.1:win42:*:*:community:windows:*:*\",\"matchCriteriaId\":\"EA48FE95-EC6E-412E-B39B-AA069EBDC6A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.10.0:win36:*:*:community:windows:*:*\",\"matchCriteriaId\":\"9E2EAFA5-AE2C-40F3-8C77-3488A90F3C7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.11.0:rc2-win37:*:*:community:windows:*:*\",\"matchCriteriaId\":\"5EDF8C69-CA99-4013-85E4-3B0B83C66756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.11.0:rc3-win38:*:*:community:windows:*:*\",\"matchCriteriaId\":\"3E656584-3B8E-4C45-81F6-A6A9228D1A13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.11.0:rc4-win39:*:*:community:windows:*:*\",\"matchCriteriaId\":\"01449C91-E503-447B-B692-B1B79E15DF6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.11.0:win40:*:*:community:windows:*:*\",\"matchCriteriaId\":\"DC81DD87-91FF-4A2B-B0FA-8C5E9FE972FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.12.0:rc2-win41:*:*:community:windows:*:*\",\"matchCriteriaId\":\"906378CF-358A-45D0-ACA4-91B92668DA0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.12.0:rc3-win43:*:*:community:windows:*:*\",\"matchCriteriaId\":\"47BD87E0-2D15-4BCA-8834-E7E8FEA84AF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.12.0:rc4-win44:*:*:community:windows:*:*\",\"matchCriteriaId\":\"CBC1A03F-7B4A-49A7-BD97-DB0CCD3DE1DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.12.0:win45:*:*:community:windows:*:*\",\"matchCriteriaId\":\"5EFECB02-3416-462F-8D59-13C1A1E301DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.12.0:win46:*:*:community:windows:*:*\",\"matchCriteriaId\":\"CD3A423E-3900-410E-A4E9-E4FC0571732C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:17.12.0:win47:*:*:community:windows:*:*\",\"matchCriteriaId\":\"EF28F00E-801C-47C5-B4F2-C8C37D6DF9BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:18.01.0:win48:*:*:community:windows:*:*\",\"matchCriteriaId\":\"FBA4C9AD-F692-4130-8968-B1C67C76C666\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:18.02.0:rc1-win50:*:*:community:windows:*:*\",\"matchCriteriaId\":\"D158838B-15AD-4BFE-A6D8-E6980337BEE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:18.02.0:rc2-win51:*:*:community:windows:*:*\",\"matchCriteriaId\":\"3CD92CB8-6369-4212-8BEB-0395A9FB9115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:18.02.0:win52:*:*:community:windows:*:*\",\"matchCriteriaId\":\"E1EAC1F9-0A84-4FD6-B552-87BA9020257C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:18.03.0:rc3-win56:*:*:community:windows:*:*\",\"matchCriteriaId\":\"E60F90BB-A3DD-47C0-8F7E-BAD8045331B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:18.03.0:win58:*:*:community:windows:*:*\",\"matchCriteriaId\":\"4B35132A-1955-49E9-A336-5C9390B51A84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:18.03.0:win59:*:*:community:windows:*:*\",\"matchCriteriaId\":\"F143F995-DB17-40F6-9797-39A9CBFC487E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:18.03.1:win65:*:*:community:windows:*:*\",\"matchCriteriaId\":\"C824F3F5-1DD6-4DE9-ADE0-3F677EFD75F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:18.04.0:rc2-win61:*:*:community:windows:*:*\",\"matchCriteriaId\":\"56D08EEE-6A53-4D9D-BDAD-308B980E3529\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:18.05.0:rc1-win63:*:*:community:windows:*:*\",\"matchCriteriaId\":\"C20F89FB-C503-4EB1-8786-8E32EF0F6717\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:18.05.0:win66:*:*:community:windows:*:*\",\"matchCriteriaId\":\"A92250A7-C706-43AC-A74B-0D6E7730742A\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/105202\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://docs.docker.com/docker-for-windows/edge-release-notes/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://docs.docker.com/docker-for-windows/release-notes/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://srcincite.io/blog/2018/08/31/you-cant-contain-me-analyzing-and-exploiting-an-elevation-of-privilege-in-docker-for-windows.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105202\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://docs.docker.com/docker-for-windows/edge-release-notes/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://docs.docker.com/docker-for-windows/release-notes/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://srcincite.io/blog/2018/08/31/you-cant-contain-me-analyzing-and-exploiting-an-elevation-of-privilege-in-docker-for-windows.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.