cbcvebase.
CVE-2014-3499
published 2014-07-11

CVE-2014-3499: Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

PriorityP425high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.39%
31.1th percentile
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

Affected

5 ranges
VendorProductVersion rangeFixed in
debiandocker.io
dockerdocker
fedoraprojectfedora
fedoraprojectfedora
github.comdocker_docker>= 0 < 1.0.11.0.1

CVSS provenance

nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_debian7.2LOW
vendor_redhat7.2HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.