Miggo Logo
Miggo Vulnerability Database
CVE-2018-12608

CVE-2018-12608: Docker Authentication Bypass

7.5

CVSS Score
3.0

Basic Information

CVE ID
CVE-2018-12608
GHSA ID
GHSA-qrqr-3x5j-2xw9
EPSS Score
0.30231%
CWE
CWE-288
Published
1/31/2024
Updated
7/8/2024
KEV Status
No
Technology
TechnologyGo

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
github.com/docker/dockergo< 17.06.0-ce17.06.0-ce

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from Docker's TLS configuration accepting both the user-specified CA and system CAs for client authentication. The critical change in the patch was adding 'ExclusiveRootPools: true' to the tlsOptions struct in cmd/dockerd/daemon.go. This flag ensures only the configured CA is used when present. The function DaemonCli.start() handles this TLS setup, making it the vulnerable component before the fix. The test additions in docker_cli_daemon_test.go confirm the intended behavior of exclusive CA validation.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n issu* w*s *is*ov*r** in *o*k*r Mo*y ***or* **.**.*. T** *o*k*r *n*in* v*li**t** * *li*nt TLS **rti*i**t* usin* *ot* t** *on*i*ur** *li*nt ** root **rti*i**t* *n* *ll syst*m roots on non-Win*ows syst*ms. T*is *llow** * *li*nt wit* *ny *om*in v*li**

Reasoning

T** vuln*r**ility st*mm** *rom *o*k*r's TLS *on*i*ur*tion ****ptin* *ot* t** us*r-sp**i*i** ** *n* syst*m **s *or *li*nt *ut**nti**tion. T** *riti**l ***n** in t** p*t** w*s ***in* '*x*lusiv*RootPools: tru*' to t** tlsOptions stru*t in *m*/*o*k*r*/**