CVE-2023-40453

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 7, 2023

Updated: Aug 2, 2024

Summary

CVE-2023-40453 is a vulnerability affecting Docker Machine versions up to 0.16.2. An attacker with control of a worker node can exploit this vulnerability by providing crafted version data, potentially tricking administrators into performing unsafe actions through escape sequence injection or causing a denial of service on a bastion node due to excessive data size. It is important to note that this vulnerability only impacts unsupported versions of Docker Machine.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Docker Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sWDZXP
https://www.cve.org/CVERecord?id=CVE-2023-40453
https://nvd.nist.gov/vuln/detail/CVE-2023-40453

Back to Vulnerability Database

CVE-2023-40453

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations