Docker Desktop before 3.6.0 suffers from incorrect access control. If a low-privileged account is able to access the server running the Windows containers, it can lead to a full container compromise in both process isolation and Hyper-V isolation modes. This security issue leads an attacker with low privilege to read, write and possibly even execute code inside the containers.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://docs.docker.com/docker-for-windows/release-notes/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-08-12T13:30:30
Updated: 2024-08-04T01:30:08.446Z
Reserved: 2021-08-02T00:00:00
Link: CVE-2021-37841
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-08-12T14:15:07.010
Modified: 2024-11-21T06:15:57.333
Link: CVE-2021-37841
Redhat
No data.