{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-09-10T17:06:14", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://docs.docker.com/engine/release-notes/"}, {"name": "109253", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/109253"}, {"name": "FEDORA-2019-5b54793a4a", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PFFBVE7O73TAVY2BCWXSA2OOSLJVCPXC/"}, {"name": "FEDORA-2019-4bed83e978", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N674WD3OBDPHLWY6EABRHQH5ON6SUJBU/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20190828-0003/"}, {"name": "openSUSE-SU-2019:2021", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html"}, {"name": "DSA-4521", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2019/dsa-4521"}, {"name": "20190910 [SECURITY] [DSA 4521-1] docker.io security update", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/Sep/21"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-13509", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://docs.docker.com/engine/release-notes/", "refsource": "MISC", "url": "https://docs.docker.com/engine/release-notes/"}, {"name": "109253", "refsource": "BID", "url": "http://www.securityfocus.com/bid/109253"}, {"name": "FEDORA-2019-5b54793a4a", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFFBVE7O73TAVY2BCWXSA2OOSLJVCPXC/"}, {"name": "FEDORA-2019-4bed83e978", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N674WD3OBDPHLWY6EABRHQH5ON6SUJBU/"}, {"name": "https://security.netapp.com/advisory/ntap-20190828-0003/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190828-0003/"}, {"name": "openSUSE-SU-2019:2021", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html"}, {"name": "DSA-4521", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4521"}, {"name": "20190910 [SECURITY] [DSA 4521-1] docker.io security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Sep/21"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T23:57:39.278Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://docs.docker.com/engine/release-notes/"}, {"name": "109253", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/109253"}, {"name": "FEDORA-2019-5b54793a4a", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PFFBVE7O73TAVY2BCWXSA2OOSLJVCPXC/"}, {"name": "FEDORA-2019-4bed83e978", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N674WD3OBDPHLWY6EABRHQH5ON6SUJBU/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20190828-0003/"}, {"name": "openSUSE-SU-2019:2021", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html"}, {"name": "DSA-4521", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2019/dsa-4521"}, {"name": "20190910 [SECURITY] [DSA 4521-1] docker.io security update", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "https://seclists.org/bugtraq/2019/Sep/21"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-13509", "datePublished": "2019-07-18T15:34:59", "dateReserved": "2019-07-11T00:00:00", "dateUpdated": "2024-08-04T23:57:39.278Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:docker:docker:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "4D022DE6-8533-4360-8F03-B210E63B31AB", "versionEndExcluding": "18.09.8", "versionStartIncluding": "18.09.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.03.2:1:*:*:enterprise:*:*:*", "matchCriteriaId": "3A35124F-EC46-4CFC-A2A2-893AC0063AF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.03.2:2:*:*:enterprise:*:*:*", "matchCriteriaId": "2C1A46D9-A718-4944-8A51-AA576665A3AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.03.2:3:*:*:enterprise:*:*:*", "matchCriteriaId": "343474A5-E102-4DC1-B11E-F7EB93B8BD34", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.03.2:4:*:*:enterprise:*:*:*", "matchCriteriaId": "DF245918-BDC1-4DF8-AEDA-752B4530F634", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.03.2:5:*:*:enterprise:*:*:*", "matchCriteriaId": "97E72881-8988-4931-AA78-1E998D03A37B", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.03.2:6:*:*:enterprise:*:*:*", "matchCriteriaId": "5ADC31D5-B913-428A-9F7A-5E85349FC5CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.03.2:7:*:*:enterprise:*:*:*", "matchCriteriaId": "C48F0193-894D-4B64-8301-884EBB1DDE8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.03.2:8:*:*:enterprise:*:*:*", "matchCriteriaId": "4D2262C9-231A-4978-88EF-B59267B5F5CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:1:*:*:enterprise:*:*:*", "matchCriteriaId": "E03D470E-5C28-4935-8ECA-62EED8629889", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:10:*:*:enterprise:*:*:*", "matchCriteriaId": "032171DB-4D2A-4691-95E2-DC5791DE1F9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:11:*:*:enterprise:*:*:*", "matchCriteriaId": "92852E25-5EE1-477F-BAB9-735DA676F950", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:12:*:*:enterprise:*:*:*", "matchCriteriaId": "86BD817A-3BED-46A1-A047-6531D495F05C", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:13:*:*:enterprise:*:*:*", "matchCriteriaId": "AC6A6285-12CC-4591-B722-AA5943915696", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:15:*:*:enterprise:*:*:*", "matchCriteriaId": "0B487089-A678-4306-AF75-DBC792A23BCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:16:*:*:enterprise:*:*:*", "matchCriteriaId": "45FEBF98-DE0E-4F78-B9A4-7BCB9F4202C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:17:*:*:enterprise:*:*:*", "matchCriteriaId": "26D5DFE0-ED60-448B-92C7-4A06611755AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:18:*:*:enterprise:*:*:*", "matchCriteriaId": "296CC9ED-9AF2-41AE-93CF-4B8C94CE7743", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:19:*:*:enterprise:*:*:*", "matchCriteriaId": "0178061A-1909-4E39-BF20-3BFD9E8BF22B", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:2:*:*:enterprise:*:*:*", "matchCriteriaId": "444A75C4-8331-46B3-A056-C4944DF3D792", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:20:*:*:enterprise:*:*:*", "matchCriteriaId": "EAF2CFD3-63EB-4DBC-B7A0-BA8858F51F29", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:21:*:*:enterprise:*:*:*", "matchCriteriaId": "4CAEE8A8-337B-406B-9AF0-2538D54F1514", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:22:*:*:enterprise:*:*:*", "matchCriteriaId": "E5CBCA34-6BC1-4069-A12D-78DCA5F06BFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:3:*:*:enterprise:*:*:*", "matchCriteriaId": "43BA9F49-85B3-47BD-ABA5-08A234EEDFBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:4:*:*:enterprise:*:*:*", "matchCriteriaId": "FBE59DD2-4AD2-4FC9-B5B0-2DD2E4DA219E", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:5:*:*:enterprise:*:*:*", "matchCriteriaId": "D613D8B1-3608-40B5-ACDA-D0EC0B152F9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:6:*:*:enterprise:*:*:*", "matchCriteriaId": "1B9A48AB-A032-4911-928F-6D86B86FB847", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:7:*:*:enterprise:*:*:*", "matchCriteriaId": "3A86A73A-CAEC-483A-8C42-D1EC88B1A848", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:8:*:*:enterprise:*:*:*", "matchCriteriaId": "8CB75426-B766-48EC-A681-A82747737276", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2:9:*:*:enterprise:*:*:*", "matchCriteriaId": "42195FEA-1D74-42B2-9212-DF162E0470AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.1:1:*:*:enterprise:*:*:*", "matchCriteriaId": "53935883-E828-40A7-83F4-7218542A401C", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.1:2:*:*:enterprise:*:*:*", "matchCriteriaId": "FB720999-4540-487B-9133-32C85026836B", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.1:3:*:*:enterprise:*:*:*", "matchCriteriaId": "CBEA8855-C9FE-4301-ADAF-993874DDF7F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.1:4:*:*:enterprise:*:*:*", "matchCriteriaId": "353070E6-89AD-40C4-9A45-AF993DE52BF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.1:5:*:*:enterprise:*:*:*", "matchCriteriaId": "D4541E93-762A-40DF-B596-A5F359049C0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.1:6:*:*:enterprise:*:*:*", "matchCriteriaId": "987118D7-6803-4E11-A184-34FC82E9AF1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.1:7:*:*:enterprise:*:*:*", "matchCriteriaId": "97EFE5E1-6623-44A6-8AA7-A7E30955B513", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.1:8:*:*:enterprise:*:*:*", "matchCriteriaId": "BF61D0BA-5F95-4E92-8D81-5BE5FA59FF61", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.1:9:*:*:enterprise:*:*:*", "matchCriteriaId": "DD629561-32BD-4C9D-A38B-063554DCA827", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:docker:docker:*:*:*:*:community:*:*:*", "matchCriteriaId": "82A26E20-E07A-4229-907C-2FAF03AD50A3", "versionEndExcluding": "18.09.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret."}, {"lang": "es", "value": "En Docker CE y EE antes de 18.09.8 (as\u00ed como en Docker EE antes de 17.06.2-ee-23 y 18.x antes de 18.03.1-ee-10), Docker Engine en modo de depuraci\u00f3n a veces puede agregar secretos al registro de depuraci\u00f3n. . Esto se aplica a un escenario en el que la implementaci\u00f3n de la pila de la ventana acoplable se ejecuta para volver a implementar una pila que incluye secretos (no externos). Potencialmente se aplica a otros usuarios de API de la API de pila si reenv\u00edan el secreto."}], "id": "CVE-2019-13509", "lastModified": "2024-11-21T04:25:02.213", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-18T16:15:11.953", "references": [{"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/109253"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://docs.docker.com/engine/release-notes/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N674WD3OBDPHLWY6EABRHQH5ON6SUJBU/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PFFBVE7O73TAVY2BCWXSA2OOSLJVCPXC/"}, {"source": "cve@mitre.org", "url": "https://seclists.org/bugtraq/2019/Sep/21"}, {"source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20190828-0003/"}, {"source": "cve@mitre.org", "url": "https://www.debian.org/security/2019/dsa-4521"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/109253"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://docs.docker.com/engine/release-notes/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N674WD3OBDPHLWY6EABRHQH5ON6SUJBU/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PFFBVE7O73TAVY2BCWXSA2OOSLJVCPXC/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://seclists.org/bugtraq/2019/Sep/21"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20190828-0003/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2019/dsa-4521"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "docker: Docker Engine in debug mode may sometimes add secrets to the debug log leading to information disclosure", "id": "1732418", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732418"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-117", "details": ["In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret."], "name": "CVE-2019-13509", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "docker", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "docker", "product_name": "Red Hat Fuse 7"}], "public_date": "2019-07-23T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-13509\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-13509"], "statement": "This issue does affect the versions of docker as shipped with Red Hat Enterprise Linux 7, however debug mode on the daemon needs to be explicitly enabled as the docker systemd service, by default, does not enable debug mode.\nRed Hat Fuse provides only the Docker client library and is not affected by this vulnerability.", "threat_severity": "Moderate"}