fkie_cve-2019-13509
Vulnerability from fkie_nvd
Published: 2019-07-18 16:15
Modified: 2024-11-21 04:25
Summary
In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret.
References
cve@mitre.org http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html
cve@mitre.org http://www.securityfocus.com/bid/109253 [Third Party Advisory, VDB Entry]
cve@mitre.org https://docs.docker.com/engine/release-notes/ [Release Notes, Vendor Advisory]
cve@mitre.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N674WD3OBDPHLWY6EABRHQH5ON6SUJBU/
cve@mitre.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PFFBVE7O73TAVY2BCWXSA2OOSLJVCPXC/
cve@mitre.org https://seclists.org/bugtraq/2019/Sep/21
cve@mitre.org https://security.netapp.com/advisory/ntap-20190828-0003/
cve@mitre.org https://www.debian.org/security/2019/dsa-4521
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/109253 [Third Party Advisory, VDB Entry]
af854a3a-2127-422b-91ae-364da2661108 https://docs.docker.com/engine/release-notes/ [Release Notes, Vendor Advisory]
af854a3a-2127-422b-91ae-364da2661108 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N674WD3OBDPHLWY6EABRHQH5ON6SUJBU/
af854a3a-2127-422b-91ae-364da2661108 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PFFBVE7O73TAVY2BCWXSA2OOSLJVCPXC/
af854a3a-2127-422b-91ae-364da2661108 https://seclists.org/bugtraq/2019/Sep/21
af854a3a-2127-422b-91ae-364da2661108 https://security.netapp.com/advisory/ntap-20190828-0003/
af854a3a-2127-422b-91ae-364da2661108 https://www.debian.org/security/2019/dsa-4521
Impacted products
Vendor Product Version
docker docker *
docker docker 17.03.2
docker docker 17.03.2
docker docker 17.03.2
docker docker 17.03.2
docker docker 17.03.2
docker docker 17.03.2
docker docker 17.03.2
docker docker 17.03.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 17.06.2
docker docker 18.03.1
docker docker 18.03.1
docker docker 18.03.1
docker docker 18.03.1
docker docker 18.03.1
docker docker 18.03.1
docker docker 18.03.1
docker docker 18.03.1
docker docker 18.03.1
docker docker *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:docker:docker:*:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "4D022DE6-8533-4360-8F03-B210E63B31AB",
              "versionEndExcluding": "18.09.8",
              "versionStartIncluding": "18.09.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.03.2:1:*:*:enterprise:*:*:*",
              "matchCriteriaId": "3A35124F-EC46-4CFC-A2A2-893AC0063AF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.03.2:2:*:*:enterprise:*:*:*",
              "matchCriteriaId": "2C1A46D9-A718-4944-8A51-AA576665A3AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.03.2:3:*:*:enterprise:*:*:*",
              "matchCriteriaId": "343474A5-E102-4DC1-B11E-F7EB93B8BD34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.03.2:4:*:*:enterprise:*:*:*",
              "matchCriteriaId": "DF245918-BDC1-4DF8-AEDA-752B4530F634",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.03.2:5:*:*:enterprise:*:*:*",
              "matchCriteriaId": "97E72881-8988-4931-AA78-1E998D03A37B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.03.2:6:*:*:enterprise:*:*:*",
              "matchCriteriaId": "5ADC31D5-B913-428A-9F7A-5E85349FC5CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.03.2:7:*:*:enterprise:*:*:*",
              "matchCriteriaId": "C48F0193-894D-4B64-8301-884EBB1DDE8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.03.2:8:*:*:enterprise:*:*:*",
              "matchCriteriaId": "4D2262C9-231A-4978-88EF-B59267B5F5CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:1:*:*:enterprise:*:*:*",
              "matchCriteriaId": "E03D470E-5C28-4935-8ECA-62EED8629889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:10:*:*:enterprise:*:*:*",
              "matchCriteriaId": "032171DB-4D2A-4691-95E2-DC5791DE1F9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:11:*:*:enterprise:*:*:*",
              "matchCriteriaId": "92852E25-5EE1-477F-BAB9-735DA676F950",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:12:*:*:enterprise:*:*:*",
              "matchCriteriaId": "86BD817A-3BED-46A1-A047-6531D495F05C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:13:*:*:enterprise:*:*:*",
              "matchCriteriaId": "AC6A6285-12CC-4591-B722-AA5943915696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:15:*:*:enterprise:*:*:*",
              "matchCriteriaId": "0B487089-A678-4306-AF75-DBC792A23BCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:16:*:*:enterprise:*:*:*",
              "matchCriteriaId": "45FEBF98-DE0E-4F78-B9A4-7BCB9F4202C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:17:*:*:enterprise:*:*:*",
              "matchCriteriaId": "26D5DFE0-ED60-448B-92C7-4A06611755AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:18:*:*:enterprise:*:*:*",
              "matchCriteriaId": "296CC9ED-9AF2-41AE-93CF-4B8C94CE7743",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:19:*:*:enterprise:*:*:*",
              "matchCriteriaId": "0178061A-1909-4E39-BF20-3BFD9E8BF22B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:2:*:*:enterprise:*:*:*",
              "matchCriteriaId": "444A75C4-8331-46B3-A056-C4944DF3D792",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:20:*:*:enterprise:*:*:*",
              "matchCriteriaId": "EAF2CFD3-63EB-4DBC-B7A0-BA8858F51F29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:21:*:*:enterprise:*:*:*",
              "matchCriteriaId": "4CAEE8A8-337B-406B-9AF0-2538D54F1514",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:22:*:*:enterprise:*:*:*",
              "matchCriteriaId": "E5CBCA34-6BC1-4069-A12D-78DCA5F06BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:3:*:*:enterprise:*:*:*",
              "matchCriteriaId": "43BA9F49-85B3-47BD-ABA5-08A234EEDFBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:4:*:*:enterprise:*:*:*",
              "matchCriteriaId": "FBE59DD2-4AD2-4FC9-B5B0-2DD2E4DA219E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:5:*:*:enterprise:*:*:*",
              "matchCriteriaId": "D613D8B1-3608-40B5-ACDA-D0EC0B152F9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:6:*:*:enterprise:*:*:*",
              "matchCriteriaId": "1B9A48AB-A032-4911-928F-6D86B86FB847",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:7:*:*:enterprise:*:*:*",
              "matchCriteriaId": "3A86A73A-CAEC-483A-8C42-D1EC88B1A848",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:8:*:*:enterprise:*:*:*",
              "matchCriteriaId": "8CB75426-B766-48EC-A681-A82747737276",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:17.06.2:9:*:*:enterprise:*:*:*",
              "matchCriteriaId": "42195FEA-1D74-42B2-9212-DF162E0470AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:18.03.1:1:*:*:enterprise:*:*:*",
              "matchCriteriaId": "53935883-E828-40A7-83F4-7218542A401C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:18.03.1:2:*:*:enterprise:*:*:*",
              "matchCriteriaId": "FB720999-4540-487B-9133-32C85026836B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:18.03.1:3:*:*:enterprise:*:*:*",
              "matchCriteriaId": "CBEA8855-C9FE-4301-ADAF-993874DDF7F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:18.03.1:4:*:*:enterprise:*:*:*",
              "matchCriteriaId": "353070E6-89AD-40C4-9A45-AF993DE52BF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:18.03.1:5:*:*:enterprise:*:*:*",
              "matchCriteriaId": "D4541E93-762A-40DF-B596-A5F359049C0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:18.03.1:6:*:*:enterprise:*:*:*",
              "matchCriteriaId": "987118D7-6803-4E11-A184-34FC82E9AF1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:18.03.1:7:*:*:enterprise:*:*:*",
              "matchCriteriaId": "97EFE5E1-6623-44A6-8AA7-A7E30955B513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:18.03.1:8:*:*:enterprise:*:*:*",
              "matchCriteriaId": "BF61D0BA-5F95-4E92-8D81-5BE5FA59FF61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:docker:docker:18.03.1:9:*:*:enterprise:*:*:*",
              "matchCriteriaId": "DD629561-32BD-4C9D-A38B-063554DCA827",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:docker:docker:*:*:*:*:community:*:*:*",
              "matchCriteriaId": "82A26E20-E07A-4229-907C-2FAF03AD50A3",
              "versionEndExcluding": "18.09.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret."
    },
    {
      "lang": "es",
      "value": "En Docker CE y EE antes de 18.09.8 (as\u00ed como en Docker EE antes de 17.06.2-ee-23 y 18.x antes de 18.03.1-ee-10), Docker Engine en modo de depuraci\u00f3n a veces puede agregar secretos al registro de depuraci\u00f3n. . Esto se aplica a un escenario en el que la implementaci\u00f3n de la pila de la ventana acoplable se ejecuta para volver a implementar una pila que incluye secretos (no externos). Potencialmente se aplica a otros usuarios de API de la API de pila si reenv\u00edan el secreto."
    }
  ],
  "id": "CVE-2019-13509",
  "lastModified": "2024-11-21T04:25:02.213",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-07-18T16:15:11.953",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/109253"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://docs.docker.com/engine/release-notes/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N674WD3OBDPHLWY6EABRHQH5ON6SUJBU/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PFFBVE7O73TAVY2BCWXSA2OOSLJVCPXC/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://seclists.org/bugtraq/2019/Sep/21"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://security.netapp.com/advisory/ntap-20190828-0003/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.debian.org/security/2019/dsa-4521"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/109253"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://docs.docker.com/engine/release-notes/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N674WD3OBDPHLWY6EABRHQH5ON6SUJBU/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PFFBVE7O73TAVY2BCWXSA2OOSLJVCPXC/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://seclists.org/bugtraq/2019/Sep/21"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20190828-0003/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.debian.org/security/2019/dsa-4521"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-532"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

