Docker Desktop <4.23.0 Unprivileged ECI Bypass via Debug Shell
CVE-2023-5165 Published on September 25, 2023
Docker Desktop before 4.23.0 allows Enhanced Container Isolation bypass via debug shell
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges.
This issue has been fixed in Docker Desktop 4.23.0.
Affected Docker Desktop versions: from 4.13.0 before 4.23.0.
Vulnerability Analysis
CVE-2023-5165 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.
Weakness Types
What is an AuthZ Vulnerability?
The software does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2023-5165 has been classified to as an AuthZ vulnerability or weakness.
Improper Protection of Alternate Path
The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.
Products Associated with CVE-2023-5165
Want to know whenever a new CVE is published for Docker Desktop? stack.watch will email you.
Affected Versions
Docker Inc. Docker Desktop:- Version 4.13.0 and below 4.23.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.