Security News > 2024 > July > Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
![Docker fixes critical auth bypass flaw, again (CVE-2024-41110)](/static/build/img/news/docker-fixes-critical-auth-bypass-flaw-again-cve-2024-41110-medium.jpg)
A critical-severity Docker Engine vulnerability may be exploited by attackers to bypass authorization plugins via specially crafted API request, allowing them to perform unauthorized actions, including privilege escalation.
"An attacker could exploit a bypass using an API request with Content-Length set to 0, causing the Docker daemon to forward the request without the body to the AuthZ plugin, which might approve the request incorrectly," Docker Senior Security Engineer Gabriela Georgieva explained.
"Docker's default authorization model is all-or-nothing. Users with access to the Docker daemon can execute any Docker command."
It also impacts users of Docker Desktop versions up to v4.32.0, as they also include affected versions of Docker Engine.
To exploit the flaw in Docker Desktop, attackers need to have access to the Docker API, "Which usually means the attacker needs to already have local access to the host machine, unless the Docker daemon is insecurely exposed over TCP," Georgieva added.
Finally, the exploitation risk and potential is lesser because the default Docker Desktop configuration does not include AuthZ plugins, and privilege escalation is limited to the Docker Desktop VM. What should impacted users do?
News URL
https://www.helpnetsecurity.com/2024/07/25/cve-2024-41110/
Related news
- Docker fixes critical 5-year old authentication bypass flaw (source)
- Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins (source)
- Exploit for critical Progress Telerik auth bypass released, patch now (source)
- Exploit for critical Veeam auth bypass available, patch now (source)
- ASUS warns of critical remote authentication bypass on 7 routers (source)
- ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models (source)
- Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080) (source)
- Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806) (source)
- Hackers target new MOVEit Transfer critical auth bypass bug (source)
- PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276) (source)