Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2014-5278
CVE-2014-5278:
Docker vulnerability analysis and mitigation
Overview
A vulnerability exists in Docker before version 1.2 that allows container names to potentially collide with and override container IDs (NVD, CVE). The vulnerability was assigned CVE-2014-5278 and was discovered in August 2014.
Technical details
The vulnerability has been assigned a CVSS v3.1 base score of 5.3 (MEDIUM) with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N, indicating network accessibility with low attack complexity and no authentication required. The vulnerability primarily impacts the integrity of the system (NVD).
Impact
The vulnerability could allow attackers to override container IDs through manipulated container names, potentially leading to container identification confusion and security implications in container management (NVD).
Mitigation and workarounds
The vulnerability has been fixed in Docker version 1.2 and later. Users should upgrade to at least version 1.2.0 to mitigate this vulnerability (Debian Security).
Additional resources
Source: This report was generated using AI
Related Docker vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management