CVE-2019-15752

Docker | Desktop Community EditionAdded 2021-11-03Remediation Deadline 2022-05-03

Docker Desktop Community Edition Privilege Escalation Vulnerability

Docker Desktop Community Edition contains a vulnerability that may allow local users to escalate privileges by placing a trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-732

References

https://nvd.nist.gov/vuln/detail/CVE-2019-15752

Cybersecurity Alerts

CVE-2019-15752

Docker Desktop Community Edition Privilege Escalation Vulnerability

Required Action

Weakness Classification

References