Docker CVE-2019-15752 Permission Bypass Vulnerability

description-logoDescription

Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\\DockerDesktop\\version-bin\\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run \'docker login\' to force the command.

affected-products-logoAffected Applications

Docker

CVE References

CVE-2019-15752