CVE-2016-8867

EUVD-2016-9692
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
Affected Products (NVD)
VendorProductVersion
dockerdocker
1.12.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
docker.io
bookworm
20.10.24+dfsg1-1
fixed
bullseye
20.10.5+dfsg1-1+deb11u2
fixed
bullseye (security)
20.10.5+dfsg1-1+deb11u3
fixed
sid
26.1.5+dfsg1-4
fixed
trixie
26.1.5+dfsg1-4
fixed
runc
bookworm
1.1.5+ds1-1+deb12u1
fixed
bookworm (security)
1.1.5+ds1-1+deb12u1
fixed
bullseye
1.0.0~rc93+ds1-5+deb11u5
fixed
bullseye (security)
1.0.0~rc93+ds1-5+deb11u3
fixed
sid
1.1.15+ds1-1
fixed
trixie
1.1.12+ds1-5.1
fixed
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/94228
http://www.securitytracker.com/id/1037203
https://www.docker.com/docker-cve-database
http://www.securityfocus.com/bid/94228
http://www.securitytracker.com/id/1037203
https://www.docker.com/docker-cve-database