CVE-2018-15514
Severity CVSS v4.0:
Pending analysis
Type:
CWE-502
Deserialization of Untrusted Data
Publication date:
01/09/2018
Last modified:
09/11/2018
Description
HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users" group (who may not otherwise have administrator access) to escalate to administrator privileges.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Base Score 2.0
6.50
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:docker:docker:1.10.0.0-0:*:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.10.1.42-1:*:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.10.2.12:*:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.10.2.14:*:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.10.4.0:*:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.10.6:*:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.11.0:*:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.11.0:beta10:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.11.0:beta7:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.11.0:beta8:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.11.0:beta9:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.11.1:beta11:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.11.1:beta11b:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.11.1:beta12:*:*:community:windows:*:* | ||
cpe:2.3:a:docker:docker:1.11.1:beta13:*:*:community:windows:*:* |
To consult the complete list of CPE names with products and versions, see this page