Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-3499HistoryJul 11, 2014 - 2:55 p.m.
CVE-2014-3499
2014-07-1114:55:04
Debian Security Bug Tracker
security-tracker.debian.org
8
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | docker.io | < 20.10.24+dfsg1-1 | docker.io_20.10.24+dfsg1-1_all.deb |
| Debian | 11 | all | docker.io | < 20.10.5+dfsg1-1+deb11u2 | docker.io_20.10.5+dfsg1-1+deb11u2_all.deb |
| Debian | 10 | all | docker.io | < 18.09.1+dfsg1-7.1+deb10u3 | docker.io_18.09.1+dfsg1-7.1+deb10u3_all.deb |
| Debian | 999 | all | docker.io | < 20.10.25+dfsg1-3 | docker.io_20.10.25+dfsg1-3_all.deb |
| Debian | 13 | all | docker.io | < 20.10.25+dfsg1-3 | docker.io_20.10.25+dfsg1-3_all.deb |
Related
nessus
nessus
Fedora 20 : docker-io-1.0.0-6.fc20 (2014-8021)
2014-07-14 00:00:00
RHEL 7 : docker (RHSA-2014:0820)
2014-11-08 00:00:00
Fedora 19 : docker-io-1.0.0-6.fc19 (2014-8034)
2014-07-14 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: docker-io-1.0.0-6.fc19
2014-07-14 00:54:10
[SECURITY] Fedora 20 Update: docker-io-1.0.0-6.fc20
2014-07-14 00:55:28
ubuntucve
ubuntucve
CVE-2014-3499
2014-07-11 00:00:00
redhat
redhat
(RHSA-2014:0820) Important: docker security update
2014-07-01 00:00:00
osv
osv
Privilege Escalation in Docker
2022-02-15 00:40:44
veracode
veracode
Escalation Of Privileges
2017-05-03 05:37:40
cvelist
cvelist
CVE-2014-3499
2014-07-11 14:00:00
openvas
openvas
Fedora Update for docker-io FEDORA-2014-8034
2014-07-15 00:00:00
Fedora Update for docker-io FEDORA-2014-8021
2014-07-15 00:00:00
prion
prion
Code injection
2014-07-11 14:55:00
nvd
nvd
CVE-2014-3499
2014-07-11 14:55:04
seebug
seebug
docker 1.0.0 docker.socket world accessible
2016-01-13 00:00:00
github
github
Privilege Escalation in Docker
2022-02-15 00:40:44
cve
cve
CVE-2014-3499
2014-07-11 14:55:04
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2014-3499