Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Docker < 18.09.8 Information Disclosure Vulnerability Jul19
Information
Severity
Severity
Medium
Family
Family
General
CVSSv2 Base
CVSSv2 Base
4.0
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:S/C:P/I:N/A:N
Solution Type
Solution Type
Vendor Patch
Created
Created
4 years ago
Modified
Modified
4 years ago
Summary
Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret.
Affected Software
Affected Software
Docker prior version 18.09.8.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Update to version 18.09.8 or later.