Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run 'docker login' to force the command.
{
"unresolved_ranges": [
{
"source": "CPE_RANGE",
"cpes": [
"cpe:2.3:a:docker:docker:*:*:*:*:community:*:*:*"
],
"vendor_product": "docker:docker",
"extracted_events": [
{
"fixed": "2.1.0.1"
},
{
"fixed": "2.1.0.1"
},
{
"fixed": "2.1.0.1"
}
]
}
]
}