CVE-2023-28842

CWE-420CWE-636CWE-755Improper Exception Handling10 documents7 sources
Severity
6.8MEDIUM
EPSS
0.6%
top 29.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Github.com Docker/dockerMobyproject MobyMoby Moby
Timeline
PublishedApr 4
Latest updateMay 1

Description

Moby) is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby is commonly referred to as *Docker*. Swarm Mode, which is compiled in and delivered by default in `dockerd` and is thus present in most major Moby downstreams, is a simple, built-in container orchestrator that is implemented through a combination of Sw

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:NExploitability: 2.2 | Impact: 4.0

Affected Packages5 packages

NVDmobyproject/moby1.12.020.10.24+1
CVEListV5moby/moby>= 1.12.0, < 20.10.24, >= 23.0.0, < 23.0.3+1
Gogithub.com/docker/docker1.12.020.10.24+3
Debiandocker.io< 20.10.24+dfsg1-1+2
Ubuntudocker.io< 20.10.21-0ubuntu1~18.04.3+esm3+3

🔴Vulnerability Details

6
OSV
docker.io vulnerabilities2025-05-01
OSV
Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/docker2024-08-20
OSV
Docker Swarm encrypted overlay network with a single endpoint is unauthenticated2023-04-04
GHSA
Docker Swarm encrypted overlay network with a single endpoint is unauthenticated2023-04-04
CVEList
moby/moby's dockerd daemon encrypted overlay network with a single endpoint is unauthenticated2023-04-04

📋Vendor Advisories

3
Ubuntu
Docker vulnerabilities2025-05-01
Red Hat
moby: Encrypted overlay network with a single endpoint is unauthenticated2023-04-04
Debian
CVE-2023-28842: docker.io - Moby) is an open source container framework developed by Docker Inc. that is dis...2023
CVE-2023-28842 (MEDIUM CVSS 6.8) | Moby) is an open source container f | cvebase.io