Vulnerability Details CVE-2022-37326
Docker Desktop for Windows before 4.6.0 allows attackers to delete (or create) any file through the dockerBackendV2 windowscontainers/start API by controlling the pidfile field inside the DaemonJSON field in the WindowsContainerStartRequest class. This can indirectly lead to privilege escalation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.4%
CVSS Severity
CVSS v3 Score 7.8
References
- https://docs.docker.com/desktop/release-notes/#docker-desktop-460
- https://www.cyberark.com/resources/threat-research-blog/breaking-docker-named-pipes-systematically-docker-desktop-privilege-escalation-part-2
- https://docs.docker.com/desktop/release-notes/#docker-desktop-460
- https://www.cyberark.com/resources/threat-research-blog/breaking-docker-named-pipes-systematically-docker-desktop-privilege-escalation-part-2
Products affected by CVE-2022-37326
-
cpe:2.3:a:docker:desktop:-
-
cpe:2.3:a:docker:desktop:2.1.0.1
-
cpe:2.3:a:docker:desktop:2.1.0.2
-
cpe:2.3:a:docker:desktop:2.1.0.3
-
cpe:2.3:a:docker:desktop:2.1.0.4
-
cpe:2.3:a:docker:desktop:2.1.0.5
-
cpe:2.3:a:docker:desktop:2.2.0.0
-
cpe:2.3:a:docker:desktop:2.2.0.3
-
cpe:2.3:a:docker:desktop:2.2.0.4