CVE-2019-13509
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret.
En Docker CE y EE antes de 18.09.8 (así como en Docker EE antes de 17.06.2-ee-23 y 18.x antes de 18.03.1-ee-10), Docker Engine en modo de depuración a veces puede agregar secretos al registro de depuración. . Esto se aplica a un escenario en el que la implementación de la pila de la ventana acoplable se ejecuta para volver a implementar una pila que incluye secretos (no externos). Potencialmente se aplica a otros usuarios de API de la API de pila si reenvían el secreto.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-07-11 CVE Reserved
- 2019-07-18 CVE Published
- 2024-07-11 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-532: Insertion of Sensitive Information into Log File
CAPEC
References (8)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/109253 | Third Party Advisory | |
https://seclists.org/bugtraq/2019/Sep/21 | Mailing List | |
https://security.netapp.com/advisory/ntap-20190828-0003 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | >= 18.09.0 < 18.09.8 Search vendor "Docker" for product "Docker" and version " >= 18.09.0 < 18.09.8" | enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.03.2 Search vendor "Docker" for product "Docker" and version "17.03.2" | 1, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.03.2 Search vendor "Docker" for product "Docker" and version "17.03.2" | 2, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.03.2 Search vendor "Docker" for product "Docker" and version "17.03.2" | 3, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.03.2 Search vendor "Docker" for product "Docker" and version "17.03.2" | 4, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.03.2 Search vendor "Docker" for product "Docker" and version "17.03.2" | 5, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.03.2 Search vendor "Docker" for product "Docker" and version "17.03.2" | 6, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.03.2 Search vendor "Docker" for product "Docker" and version "17.03.2" | 7, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.03.2 Search vendor "Docker" for product "Docker" and version "17.03.2" | 8, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 1, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 10, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 11, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 12, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 13, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 15, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 16, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 17, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 18, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 19, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 2, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 20, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 21, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 22, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 3, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 4, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 5, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 6, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 7, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 8, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 17.06.2 Search vendor "Docker" for product "Docker" and version "17.06.2" | 9, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 18.03.1 Search vendor "Docker" for product "Docker" and version "18.03.1" | 1, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 18.03.1 Search vendor "Docker" for product "Docker" and version "18.03.1" | 2, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 18.03.1 Search vendor "Docker" for product "Docker" and version "18.03.1" | 3, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 18.03.1 Search vendor "Docker" for product "Docker" and version "18.03.1" | 4, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 18.03.1 Search vendor "Docker" for product "Docker" and version "18.03.1" | 5, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 18.03.1 Search vendor "Docker" for product "Docker" and version "18.03.1" | 6, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 18.03.1 Search vendor "Docker" for product "Docker" and version "18.03.1" | 7, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 18.03.1 Search vendor "Docker" for product "Docker" and version "18.03.1" | 8, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | 18.03.1 Search vendor "Docker" for product "Docker" and version "18.03.1" | 9, enterprise |
Affected
| ||||||
Docker Search vendor "Docker" | Docker Search vendor "Docker" for product "Docker" | < 18.09.8 Search vendor "Docker" for product "Docker" and version " < 18.09.8" | community |
Affected
|