CVE-2016-8867 - Vulnerability Details - OpenCVE

Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Docker	Docker
Redhat	Rhel Extras Other

Configuration 1 [-]

cpe:2.3:a:docker:docker:1.12.2:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 7 Extras
docker-2:1.13.1-162.git64e9980.el7_8	cpe:/a:redhat:rhel_extras_other:7	RHSA-2020:2653	2020-06-23T00:00:00Z

References

Link	Providers
http://www.securityfocus.com/bid/94228
http://www.securitytracker.com/id/1037203
https://nvd.nist.gov/vuln/detail/CVE-2016-8867
https://www.cve.org/CVERecord?id=CVE-2016-8867
https://www.docker.com/docker-cve-database

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2016-10-28T15:00:00

Updated: 2024-08-06T02:35:02.197Z

Reserved: 2016-10-21T00:00:00

Link: CVE-2016-8867

Vulnrichment

No data.

NVD

Status : Modified

Published: 2016-10-28T15:59:14.047

Modified: 2024-11-21T03:00:12.230

Link: CVE-2016-8867

Redhat

Severity : Important

Publid Date: 2016-10-24T00:00:00Z

Links: CVE-2016-8867 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-10-28T00:00:00", "descriptions": [{"lang": "en", "value": "Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-27T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.docker.com/docker-cve-database"}, {"name": "94228", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/94228"}, {"name": "1037203", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037203"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-8867", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.docker.com/docker-cve-database", "refsource": "CONFIRM", "url": "https://www.docker.com/docker-cve-database"}, {"name": "94228", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94228"}, {"name": "1037203", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037203"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T02:35:02.197Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.docker.com/docker-cve-database"}, {"name": "94228", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/94228"}, {"name": "1037203", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1037203"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-8867", "datePublished": "2016-10-28T15:00:00", "dateReserved": "2016-10-21T00:00:00", "dateUpdated": "2024-08-06T02:35:02.197Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:docker:docker:1.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "E122F17B-2810-4949-9882-C43779BE2CF2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes."}, {"lang": "es", "value": "Docker Engine 1.12.2 habilit\u00f3 capacidades ambientales con pol\u00edticas de capacidad mal configuradas. Esto permiti\u00f3 a im\u00e1genes maliciosas eludir los permisos de usuario de acceso a archivos dentro del contenedor filesystem o vol\u00famenes montados."}], "id": "CVE-2016-8867", "lastModified": "2024-11-21T03:00:12.230", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-10-28T15:59:14.047", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94228"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1037203"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.docker.com/docker-cve-database"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94228"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1037203"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.docker.com/docker-cve-database"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2020:2653", "cpe": "cpe:/a:redhat:rhel_extras_other:7", "package": "docker-2:1.13.1-162.git64e9980.el7_8", "product_name": "Red Hat Enterprise Linux 7 Extras", "release_date": "2020-06-23T00:00:00Z"}], "bugzilla": {"description": "docker: Ambient capability usage in containers", "id": "1390163", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1390163"}, "csaw": true, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "status": "verified"}, "details": ["Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.", "The runc version as used in docker 1.12.2 was incorrectly setting ambient capabilities for all processes executed inside containers. This caused processes of non-root users to run with unexpected privileges, allowing them to escalate their privileges to root."], "name": "CVE-2016-8867", "public_date": "2016-10-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-8867\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-8867"], "statement": "This issue only affected a single version of the docker packages as shipped with Red Hat Enterprise Linux 7 Extras - docker-1.13.1-108.git4ef4b30.el7. This version was released on January 8th 2020 via erratum RHBA-2020:0053 and the problem was corrected in version docker-1.13.1-109.gitcccb291.el7_7 released on February 4th 2020 via erratum RHBA-2020:0427. This CVE is listed as fixed in erratum RHSA-2020:2653 released on June 23rd 2020. However, the erratum RHSA-2020:2653 does not provide any new or improved fix compared to RHBA-2020:0427 and it was released to ensure proper visibility of the problem to users and security scanning tools, as the fix was originally released via a non-security bug fix erratum.\nThe current version of OpenShift Container Platform (OCP) 3.11 is not affected because it installs the latest package from the Red Hat Enterprise Linux 7 Extras repository. If on an earlier version of OCP 3.11 be sure to update to a docker package later than 1.13.1-108.git4ef4b30.el7.", "threat_severity": "Important", "upstream_fix": "docker 1.12.3"}