What is CVE-2023-5165?

CVE-2023-5165 is a vulnerability in Docker Desktop before 4.23.0 that allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions.

How can an unprivileged user bypass Enhanced Container Isolation (ECI) in Docker Desktop before 4.23.0?

An unprivileged user can bypass Enhanced Container Isolation (ECI) in Docker Desktop before 4.23.0 by accessing the debug shell, which remains accessible for a short time window after launching Docker Desktop.

Who is affected by CVE-2023-5165?

CVE-2023-5165 affects Docker Desktop users before version 4.23.0.

What is the severity of CVE-2023-5165?

CVE-2023-5165 has a severity rating of 8.8 (high).

How can I fix CVE-2023-5165?

To fix CVE-2023-5165, users should update Docker Desktop to version 4.23.0 or later.

Vulnerability/
CVE-2023-5165

high

8.8

CWE

862 424

25/9/2023

21/11/2024

CVE-2023-5165: Docker Desktop before 4.23.0 allows Enhanced Container Isolation bypass via debug shell

First published: Mon Sep 25 2023(Updated: )

Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges. This issue has been fixed in Docker Desktop 4.23.0. Affected Docker Desktop versions: from 4.13.0 before 4.23.0.

Credit: security@docker.com security@docker.com

Affected Software	Affected Version	How to fix
Docker Docker Desktop	>=4.13.0<4.23.0
	>=4.13.0<4.23.0

Remedy

Update to version 4.23.0

Never miss a vulnerability like this again

Reference Links

https://docs.docker.com/desktop/release-notes/#4230

Frequently Asked Questions

What is CVE-2023-5165?
CVE-2023-5165 is a vulnerability in Docker Desktop before 4.23.0 that allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions.
How can an unprivileged user bypass Enhanced Container Isolation (ECI) in Docker Desktop before 4.23.0?
An unprivileged user can bypass Enhanced Container Isolation (ECI) in Docker Desktop before 4.23.0 by accessing the debug shell, which remains accessible for a short time window after launching Docker Desktop.
Who is affected by CVE-2023-5165?
CVE-2023-5165 affects Docker Desktop users before version 4.23.0.
What is the severity of CVE-2023-5165?
CVE-2023-5165 has a severity rating of 8.8 (high).
How can I fix CVE-2023-5165?
To fix CVE-2023-5165, users should update Docker Desktop to version 4.23.0 or later.

collector/nvd-index
agent/weakness
agent/author
agent/type
agent/remedy
agent/title
agent/severity
agent/references
agent/description
agent/first-publish-date
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/softwarecombine
agent/tags
agent/event
vendor/docker
canonical/docker docker desktop
version/docker docker desktop/4.13.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.