CVE-2021-41092

Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHelpers` that could not be executed would result in any provided credentials being sent to `registry-1.docker.io` rather than the intended private registry. This bug has been fixed in Docker CLI 20.10.9. Users should update to this version as soon as possible. For users unable to update ensure that any configured credsStore or credHelpers entries in the configuration file reference an installed credential helper that is executable and on the PATH.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.4 MEDIUM
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
Affected Products (NVD)
VendorProductVersion
dockercommand_line_interface
𝑥
< 20.10.9
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
docker.io
bookworm
20.10.24+dfsg1-1
fixed
bullseye
20.10.5+dfsg1-1+deb11u2
fixed
bullseye (security)
20.10.5+dfsg1-1+deb11u3
fixed
buster
no-dsa
sid
26.1.5+dfsg1-4
fixed
trixie
26.1.5+dfsg1-4
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
docker.io
bionic
Fixed 20.10.7-0ubuntu5~18.04.3
released
focal
Fixed 20.10.7-0ubuntu5~20.04.2
released
hirsute
Fixed 20.10.7-0ubuntu5~21.04.2
released
impish
Fixed 20.10.7-0ubuntu5.1
released
jammy
Fixed 20.10.7-0ubuntu7
released
kinetic
Fixed 20.10.7-0ubuntu7
released
lunar
Fixed 20.10.7-0ubuntu7
released
mantic
Fixed 20.10.7-0ubuntu7
released
noble
Fixed 20.10.7-0ubuntu7
released
trusty
dne
xenial
needed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
containerd
suse enterprise desktop 15 SP7
1.4.12-60.1
fixed
suse enterprise sap 12
1.4.12-16.49.1
fixed
suse enterprise sap 12 SP3
1.4.12-16.49.1
fixed
suse enterprise sap 12 SP4
1.4.12-16.49.1
fixed
suse enterprise sap 12 SP5
1.4.12-16.49.1
fixed
suse enterprise sap 15
1.4.11-56.1
fixed
suse enterprise sap 15 SP1
1.4.11-56.1
fixed
suse enterprise sap 15 SP2
1.4.11-56.1
fixed
suse enterprise sap 15 SP3
1.4.12-60.1
fixed
suse enterprise sap 15 SP4
1.4.12-60.1
fixed
suse enterprise sap 15 SP5
1.4.12-60.1
fixed
suse enterprise sap 15 SP6
1.4.12-60.1
fixed
suse enterprise sap 15 SP7
1.4.12-60.1
fixed
suse enterprise server 12
1.4.12-16.49.1
fixed
suse enterprise server 12 SP3
1.4.12-16.49.1
fixed
suse enterprise server 12 SP4
1.4.12-16.49.1
fixed
suse enterprise server 12 SP5
1.4.12-16.49.1
fixed
suse enterprise server 15
1.4.11-56.1
fixed
suse enterprise server 15 SP1
1.4.11-56.1
fixed
suse enterprise server 15 SP2
1.4.11-56.1
fixed
suse enterprise server 15 SP3
1.4.12-60.1
fixed
suse enterprise server 15 SP4
1.4.12-60.1
fixed
suse enterprise server 15 SP5
1.4.12-60.1
fixed
suse enterprise server 15 SP6
1.4.12-60.1
fixed
suse enterprise server 15 SP7
1.4.12-60.1
fixed
containerd-ctr
suse enterprise sap 15 SP5
1.4.12-60.1
fixed
suse enterprise sap 15 SP6
1.4.12-60.1
fixed
suse enterprise sap 15 SP7
1.4.12-60.1
fixed
suse enterprise server 15 SP5
1.4.12-60.1
fixed
suse enterprise server 15 SP6
1.4.12-60.1
fixed
suse enterprise server 15 SP7
1.4.12-60.1
fixed
runc
suse enterprise desktop 15 SP7
1.0.2-23.1
fixed
suse enterprise sap 12
1.0.2-16.14.1
fixed
suse enterprise sap 12 SP3
1.0.2-16.14.1
fixed
suse enterprise sap 12 SP4
1.0.2-16.14.1
fixed
suse enterprise sap 12 SP5
1.0.2-16.14.1
fixed
suse enterprise sap 15
1.0.2-23.1
fixed
suse enterprise sap 15 SP1
1.0.2-23.1
fixed
suse enterprise sap 15 SP2
1.0.2-23.1
fixed
suse enterprise sap 15 SP3
1.0.2-23.1
fixed
suse enterprise sap 15 SP4
1.0.2-23.1
fixed
suse enterprise sap 15 SP5
1.0.2-23.1
fixed
suse enterprise sap 15 SP6
1.0.2-23.1
fixed
suse enterprise sap 15 SP7
1.0.2-23.1
fixed
suse enterprise server 12
1.0.2-16.14.1
fixed
suse enterprise server 12 SP3
1.0.2-16.14.1
fixed
suse enterprise server 12 SP4
1.0.2-16.14.1
fixed
suse enterprise server 12 SP5
1.0.2-16.14.1
fixed
suse enterprise server 15
1.0.2-23.1
fixed
suse enterprise server 15 SP1
1.0.2-23.1
fixed
suse enterprise server 15 SP2
1.0.2-23.1
fixed
suse enterprise server 15 SP3
1.0.2-23.1
fixed
suse enterprise server 15 SP4
1.0.2-23.1
fixed
suse enterprise server 15 SP5
1.0.2-23.1
fixed
suse enterprise server 15 SP6
1.0.2-23.1
fixed
suse enterprise server 15 SP7
1.0.2-23.1
fixed
Common Weakness Enumeration
References
https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
https://github.com/docker/cli/commit/893e52cf4ba4b048d72e99748e0f86b2767c6c6b
https://github.com/docker/cli/security/advisories/GHSA-99pg-grm5-qq3v
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
https://github.com/docker/cli/commit/893e52cf4ba4b048d72e99748e0f86b2767c6c6b
https://github.com/docker/cli/security/advisories/GHSA-99pg-grm5-qq3v
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/