Privilege Escalation

2021-02-0912:44:09

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

6.8 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

2.7 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:L/Au:S/C:N/I:P/A:N

JSON

docker is vulnerable to privilege escalation. The --userns-remap option allows the root user in the remapped namespace, who has access to the host filesystem, to modify files under /var/lib/docker/ and write files with extended privileges.

CPENameOperatorVersion
docker.io:sideq19.03.13+dfsg3-1
docker.io:bullseyeeq19.03.13+dfsg1-3
docker:3.12eq19.03.9-r0
docker.io:bustereq18.09.1+dfsg1-7.1+deb10u2
docker:edgeeq19.03.8-r1
docker:edgeeq19.03.8-r0
docker:edgeeq19.03.6-r2
docker:edgeeq19.03.10-r0
docker:edgeeq19.03.7-r0
docker.io:bioniceq19.03.6-0ubuntu1~18.04.2

Name	Operator	Version
docker.io:sid	eq	19.03.13+dfsg3-1
docker.io:bullseye	eq	19.03.13+dfsg1-3
docker:3.12	eq	19.03.9-r0
docker.io:buster	eq	18.09.1+dfsg1-7.1+deb10u2
docker:edge	eq	19.03.8-r1
docker:edge	eq	19.03.8-r0
docker:edge	eq	19.03.6-r2
docker:edge	eq	19.03.10-r0
docker:edge	eq	19.03.7-r0
docker.io:bionic	eq	19.03.6-0ubuntu1~18.04.2