CVE-2021-45449

Description

Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token or password) on the user's machine during login. This only affects users if they are on Docker Desktop 4.3.0, 4.3.1 and the user has logged in while on 4.3.0, 4.3.1. Gaining access to this data would require having access to the user’s local files.

CVSS Version 3.1
CVSS Version 2.0

nvd
CVE ID: CVE-2021-45449
Base Score: 5.5
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 1.8

nvd
CVE ID: CVE-2021-45449
Base Score: 2.1
Base Severity: LOW
Vector String:AV:L/AC:L/Au:N/C:P/I:N/A:N

Refrence: NVD

Description​

Description