CVE-2020-14300 : The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red

The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in that update was the fix for CVE-2016-9962, that was previously corrected in the docker packages in Red Hat Enterprise Linux 7 Extras via RHSA-2017:0116 (https://access.redhat.com/errata/RHSA-2017:0116). The CVE-2020-14300 was assigned to this security regression and it is specific to the docker packages produced by Red Hat. The original issue - CVE-2016-9962 - could possibly allow a process inside container to compromise a process entering container namespace and execute arbitrary code outside of the container. This could lead to compromise of the container host or other containers running on the same container host. This issue only affects a single version of Docker, 1.13.1-108.git4ef4b30, shipped in Red Hat Enterprise Linux 7. Both earlier and later versions are not affected.

Published 2020-07-13 22:15:13

Updated 2023-02-12 23:39:55

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2020-14300

Redhat » Enterprise Linux Server » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Matching versions
Docker » Docker » Version: 1.13.1
cpe:2.3:a:docker:docker:1.13.1:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2020-14300

Top countries where our scanners detected CVE-2020-14300

Top open port discovered on systems with this issue 22

IPs affected by CVE-2020-14300 118

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2020-14300!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2020-14300

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 18 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-14300

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
8.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H	2.0	6.0	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2020-14300

CWE-273 Improper Check for Dropped Privileges

The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2020-14300

https://access.redhat.com/security/vulnerabilities/cve-2016-9962

On-entry container attack - CVE-2016-9962 - Red Hat Customer Portal
Not Applicable

CVEs referencing this url
https://access.redhat.com/errata/RHBA-2020:0427

RHBA-2020:0427 - Bug Fix Advisory - Red Hat Customer Portal
Vendor Advisory

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9962

1409531 – (CVE-2016-9962) CVE-2016-9962 docker: insecure opening of file-descriptor allows privilege escalation
Not Applicable
https://access.redhat.com/security/cve/CVE-2016-9962

Red Hat Customer Portal
Not Applicable