Executive Summary

Informations
Name CVE-2023-0629 First vendor Publication 2023-03-13
Vendor Cve Last vendor Modification 2023-11-07

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Overall CVSS Score 7.1
Base Score 7.1 Environmental Score 7.1
impact SubScore 5.2 Temporal Score 7.1
Exploitabality Sub Score 1.8
 
Attack Vector Local Attack Complexity Low
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact None
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/docker_engine_linux on Windows, via the -H (--host) CLI flag or the DOCKER_HOST environment variable and launch containers without the additional hardening features provided by ECI. This would not affect already running containers, nor containers launched through the usual approach (without Docker's raw socket).

The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges. This issue has been fixed in Docker Desktop 4.17.0.

Affected Docker Desktop versions: from 4.13.0 before 4.17.0.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0629

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 4

Sources (Detail)

Source Url
MISC https://docs.docker.com/desktop/release-notes/#4170

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2023-11-07 21:29:47
  • Multiple Updates
2023-03-16 17:27:17
  • Multiple Updates
2023-03-13 17:27:14
  • First insertion