Strix
26.1K

CVE-2021-41092

HIGHCVSS 7.5/10EPSS 1.54%

Last modified

CVE-2021-41092 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHelpers` that could not be executed would result in any provided credentials being sent to `registry-1.docker.io` rather than the intended private registry. EPSS estimates a 1.54% chance of exploitation in the next 30 days.

Description

Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHelpers` that could not be executed would result in any provided credentials being sent to `registry-1.docker.io` rather than the intended private registry. This bug has been fixed in Docker CLI 20.10.9. Users should update to this version as soon as possible. For users unable to update ensure that any configured credsStore or credHelpers entries in the configuration file reference an installed credential helper that is executable and on the PATH.

Metrics

CVSS 3.1
7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Probability
1.54%

71.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
DockerCommand Line Interface< 20.10.9
FedoraprojectFedora34
FedoraprojectFedora35

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-41092?
Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHelpers` that could not be executed would result in any provided credentials being sent to `registry-1.docker.io` rather than the intended private registry. This bug has been fixed in Docker CLI 20.10.9. Users should update to this version as soon as possible. For users unable to update ensure that any configured credsStore or credHelpers entries in the configuration file reference an installed credential helper that is executable and on the PATH.
How severe is CVE-2021-41092?
CVE-2021-41092 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 1.54% probability of exploitation in the next 30 days.
How do I fix CVE-2021-41092?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-41092?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST