CVE-2023-5166 - Vulnerability Details - OpenCVE

Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL.

This issue affects Docker Desktop: before 4.23.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0018.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Docker	Docker Desktop

Configuration 1 [-]

cpe:2.3:a:docker:docker_desktop:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-57503	Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before 4.23.0.

Fixes

Solution

Update Docker Desktop to 4.23.0

Workaround

Disable extensions

References

Link	Providers
https://docs.docker.com/desktop/release-notes/#4230

History

Tue, 24 Sep 2024 16:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Docker

Published: 2023-09-25T15:30:10.164Z

Updated: 2024-09-24T15:54:17.938Z

Reserved: 2023-09-25T14:05:47.327Z

Link: CVE-2023-5166

Vulnrichment

Updated: 2024-08-02T07:52:07.432Z

NVD

Status : Modified

Published: 2023-09-25T16:15:15.857

Modified: 2024-11-21T08:41:13.043

Link: CVE-2023-5166

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5166", "assignerOrgId": "686469e6-3ff6-451b-ab8b-cf5b9e89401e", "state": "PUBLISHED", "assignerShortName": "Docker", "dateReserved": "2023-09-25T14:05:47.327Z", "datePublished": "2023-09-25T15:30:10.164Z", "dateUpdated": "2024-09-24T15:54:17.938Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows", "MacOS", "Linux", "x86", "ARM"], "product": "Docker Desktop", "vendor": "Docker Inc.", "versions": [{"lessThan": "4.23.0", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "M. Haunschmid"}], "datePublic": "2023-09-11T10:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL.<br><br>This issue affects Docker Desktop: before 4.23.0.</p>"}], "value": "Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL.\n\nThis issue affects Docker Desktop: before 4.23.0.\n\n"}], "impacts": [{"capecId": "CAPEC-555", "descriptions": [{"lang": "en", "value": "CAPEC-555 Remote Services with Stolen Credentials"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "686469e6-3ff6-451b-ab8b-cf5b9e89401e", "shortName": "Docker", "dateUpdated": "2023-09-25T15:30:10.164Z"}, "references": [{"tags": ["release-notes"], "url": "https://docs.docker.com/desktop/release-notes/#4230"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update Docker Desktop to 4.23.0"}], "value": "Update Docker Desktop to 4.23.0"}], "source": {"discovery": "EXTERNAL"}, "title": "Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Disable extensions"}], "value": "Disable extensions"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:52:07.432Z"}, "title": "CVE Program Container", "references": [{"tags": ["release-notes", "x_transferred"], "url": "https://docs.docker.com/desktop/release-notes/#4230"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-24T15:53:56.675460Z", "id": "CVE-2023-5166", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-24T15:54:17.938Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://docs.docker.com/desktop/release-notes/#4230", "tags": ["release-notes", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:52:07.432Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-5166", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-24T15:53:56.675460Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-24T15:54:11.743Z"}}], "cna": {"title": "Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "M. Haunschmid"}], "impacts": [{"capecId": "CAPEC-555", "descriptions": [{"lang": "en", "value": "CAPEC-555 Remote Services with Stolen Credentials"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Docker Inc.", "product": "Docker Desktop", "versions": [{"status": "affected", "version": "0", "lessThan": "4.23.0", "versionType": "semver"}], "platforms": ["Windows", "MacOS", "Linux", "x86", "ARM"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update Docker Desktop to 4.23.0", "supportingMedia": [{"type": "text/html", "value": "Update Docker Desktop to 4.23.0", "base64": false}]}], "datePublic": "2023-09-11T10:00:00.000Z", "references": [{"url": "https://docs.docker.com/desktop/release-notes/#4230", "tags": ["release-notes"]}], "workarounds": [{"lang": "en", "value": "Disable extensions", "supportingMedia": [{"type": "text/html", "value": "Disable extensions", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL.\n\nThis issue affects Docker Desktop: before 4.23.0.\n\n", "supportingMedia": [{"type": "text/html", "value": "<p>Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL.<br><br>This issue affects Docker Desktop: before 4.23.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "686469e6-3ff6-451b-ab8b-cf5b9e89401e", "shortName": "Docker", "dateUpdated": "2023-09-25T15:30:10.164Z"}}}, "cveMetadata": {"cveId": "CVE-2023-5166", "state": "PUBLISHED", "dateUpdated": "2024-09-24T15:54:17.938Z", "dateReserved": "2023-09-25T14:05:47.327Z", "assignerOrgId": "686469e6-3ff6-451b-ab8b-cf5b9e89401e", "datePublished": "2023-09-25T15:30:10.164Z", "assignerShortName": "Docker"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:docker:docker_desktop:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C2CEE04-40A4-4B41-A543-CC5695DAB0CF", "versionEndExcluding": "4.23.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL.\n\nThis issue affects Docker Desktop: before 4.23.0.\n\n"}, {"lang": "es", "value": "Docker Desktop anterior a 4.23.0 permite el robo de tokens de acceso a trav\u00e9s de una URL de icono de extensi\u00f3n manipulada. Este problema afecta a Docker Desktop: versiones anteriores a 4.23.0."}], "id": "CVE-2023-5166", "lastModified": "2024-11-21T08:41:13.043", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "security@docker.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-25T16:15:15.857", "references": [{"source": "security@docker.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://docs.docker.com/desktop/release-notes/#4230"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://docs.docker.com/desktop/release-notes/#4230"}], "sourceIdentifier": "security@docker.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security@docker.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}