CVE-2019-15752: Docker Desktop Community Edition Privilege Escalation Vulnerability
First published: Wed Aug 28 2019(Updated: )
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run 'docker login' to force the command.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Docker Docker | <2.1.0.1 | |
| Microsoft Windows | ||
| Docker Desktop Community Edition | ||
| All of | ||
| Docker Docker | <2.1.0.1 | |
| Microsoft Windows | ||
| Apache Geode | =1.12.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/157404/Docker-Credential-Wincred.exe-Privilege-Escalation.html
- https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E
- https://medium.com/@morgan.henry.roman/elevation-of-privilege-in-docker-for-windows-2fd8450b478e
- https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
- https://medium.com/%40morgan.henry.roman/elevation-of-privilege-in-docker-for-windows-2fd8450b478e
- https://nvd.nist.gov/vuln/detail/CVE-2019-15752
Frequently Asked Questions
What is the vulnerability ID for this Docker Desktop Community Edition Privilege Escalation vulnerability?
The vulnerability ID for this Docker Desktop Community Edition Privilege Escalation vulnerability is CVE-2019-15752.
What is the severity of CVE-2019-15752?
CVE-2019-15752 has a severity score of 7.8, which is considered critical.
How can local users exploit this vulnerability?
Local users can gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker Desktop, or wait for a system restart.
Which versions of Docker Desktop Community Edition are affected?
Versions before 2.1.0.1 of Docker Desktop Community Edition are affected by this privilege escalation vulnerability.
How do I fix this vulnerability?
To fix this vulnerability, update Docker Desktop Community Edition to version 2.1.0.1 or later.
- collector/nvd-index
- agent/type
- agent/description
- agent/title
- agent/weakness
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/author
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/references
- agent/tags
- collector/nvd-cve
- vendor/docker
- canonical/docker docker
- vendor/microsoft
- canonical/microsoft windows
- vendor/apache
- canonical/apache geode
- version/apache geode/1.12.0
- canonical/docker desktop community edition