CVE-2019-15752

2019-08-28T21:15:00
ID CVE-2019-15752
Type cve
Reporter cve@mitre.org
Modified 2020-04-27T17:15:00

Description

Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run 'docker login' to force the command.