CVE-2023-5165
Docker Desktop before 4.23.0 allows Enhanced Container Isolation bypass via debug shell
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges.
This issue has been fixed in Docker Desktop 4.23.0.
Affected Docker Desktop versions: from 4.13.0 before 4.23.0.
Docker Desktop anterior a 4.23.0 permite a un usuario sin privilegios evitar las restricciones de Enhanced Container Isolation (ECI) a través del shell de depuración, al que permanece accesible durante un breve período de tiempo después de iniciar Docker Desktop. La funcionalidad afectada está disponible solo para clientes de Docker Business y asume un entorno donde los usuarios no reciben privilegios de administrador o root local. Este problema se solucionó en Docker Desktop 4.23.0. Versiones de Docker Desktop afectadas: desde 4.13.0 anterior a 4.23.0.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2023-09-25 CVE Reserved
- 2023-09-25 CVE Published
- 2023-09-26 EPSS Updated
- 2024-09-24 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-424: Improper Protection of Alternate Path
- CWE-862: Missing Authorization
CAPEC
- CAPEC-554: Functionality Bypass
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://docs.docker.com/desktop/release-notes/#4230 | 2023-09-26 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Docker Search vendor "Docker" | Docker Desktop Search vendor "Docker" for product "Docker Desktop" | >= 4.13.0 < 4.23.0 Search vendor "Docker" for product "Docker Desktop" and version " >= 4.13.0 < 4.23.0" | - |
Affected
|