CVE-2022-37326

Опубликовано: 27 апр. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Docker Desktop for Windows before 4.6.0 allows attackers to delete (or create) any file through the dockerBackendV2 windowscontainers/start API by controlling the pidfile field inside the DaemonJSON field in the WindowsContainerStartRequest class. This can indirectly lead to privilege escalation.

Ссылки

https://docs.docker.com/desktop/release-notes/#docker-desktop-460
Release Notes
https://www.cyberark.com/resources/threat-research-blog/breaking-docker-named-pipes-systematically-docker-desktop-privilege-escalation-part-2
Third Party Advisory
https://docs.docker.com/desktop/release-notes/#docker-desktop-460
Release Notes
https://www.cyberark.com/resources/threat-research-blog/breaking-docker-named-pipes-systematically-docker-desktop-privilege-escalation-part-2
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:docker:desktop:*:*:*:*:windows:*:*:*

Версия до 4.6.0 (исключая)

EPSS

Процентиль: 12%

0.0004

Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-863

Связанные уязвимости

GHSA-4x95-p9f4-3p7r