logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2019-15752

Description

Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run 'docker login' to force the command.


Affected Software


CPE Name Name Version
docker:docker docker 2.1.0.1

Related