Security News > 2024 > July > Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins
Docker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins under specific circumstances.
"An attacker could exploit a bypass using an API request with Content-Length set to 0, causing the Docker daemon to forward the request without the body to the AuthZ plugin, which might approve the request incorrectly," the Moby Project maintainers said in an advisory.
Docker said the issue is a regression in that the issue was originally discovered in 2018 and addressed in Docker Engine v18.09.1 in January 2019, but never got carried over to subsequent versions.
The following versions of Docker Engine are impacted assuming AuthZ is used to make access control decisions -.
"Users of Docker Engine v19.03.x and later versions who do not rely on authorization plugins to make access control decisions and users of all versions of Mirantis Container Runtime are not vulnerable," Docker's Gabriela Georgieva said.
"Users of Docker commercial products and internal infrastructure who do not rely on AuthZ plugins are unaffected."
News URL
https://thehackernews.com/2024/07/critical-docker-engine-flaw-allows.html
Related news
- GitLab releases fix for critical SAML authentication bypass flaw (source)
- GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions (source)
- Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) (source)
- MFA bypass becomes a critical security issue as ransomware tactics advance (source)
- Critical Ivanti vTM auth bypass bug now exploited in attacks (source)
- Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) (source)