PT-2023-13549 · Docker · Docker

Published

2023-01-31

Updated

2023-05-02

CVE-2022-37708

CVSS v3.1

6.8

Medium

Vector

AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Docker version 20.10.15

Description The issue allows unauthorized users outside the Docker container to access any files within the Docker container due to insecure permissions.

Recommendations For Docker version 20.10.15, consider restricting access to the container's files until a patch is available. As a temporary workaround, review and adjust the permissions of the files within the Docker container to minimize the risk of unauthorized access.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-37708

Affected Products

Docker

PT-2023-13549 · Docker · Docker

CVE-2022-37708

Related Identifiers

Affected Products

References · 8