Local privilege escalation vulnerability in Docker Desktop - CVE-2020-10665ID: oval:org.secpod.oval:def:63943 | Date: (C)2020-06-24 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
The host is installed with Docker Desktop Enterprise before 2.1.0.9 or Docker Desktop for Windows Stable (CE) before 2.2.0.4 and is prone to a local privilege escalation vulnerability. A flaw is present in the application, which fails to handle the collection of diagnostics with administrator privileges. Successful exploitation could allow attackers to overwrite arbitrary DACL permissions and arbitrary file writes.
Platform: |
Microsoft Windows 11 |
Microsoft Windows Server 2022 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows 10 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Product: |
Docker CE |
Docker Desktop EE |