https://community.checkpoint.com/t5/Firewall-and-Security-Management/Docker-Desktop-lt-4-27-1-vulnerability-on-R81-10/m-p/207547#M39264 <P>Hello,</P><P>We scan our Checkpoint Gateways with Tenable/Nessus scanners, and they are now showing a Critical Vulnerability for Docker Desktop:</P><P><SPAN>Path : /usr/bin/docker Installed version : 1.13.1 Fixed version : 4.27.1</SPAN></P><P><SPAN>Is anyone else seeing this vulnerability in their environment? Any suggestions on how to remediate/workaround? Do not want to break anything in the OS.</SPAN></P><P><SPAN>Thank you</SPAN></P> Fri, 01 Mar 2024 11:47:50 GMT Eric_Knopp 2024-03-01T11:47:50Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Docker-Desktop-lt-4-27-1-vulnerability-on-R81-10/m-p/207547#M39264 <P>Hello,</P><P>We scan our Checkpoint Gateways with Tenable/Nessus scanners, and they are now showing a Critical Vulnerability for Docker Desktop:</P><P><SPAN>Path : /usr/bin/docker Installed version : 1.13.1 Fixed version : 4.27.1</SPAN></P><P><SPAN>Is anyone else seeing this vulnerability in their environment? Any suggestions on how to remediate/workaround? Do not want to break anything in the OS.</SPAN></P><P><SPAN>Thank you</SPAN></P> Fri, 01 Mar 2024 11:47:50 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Docker-Desktop-lt-4-27-1-vulnerability-on-R81-10/m-p/207547#M39264 Eric_Knopp 2024-03-01T11:47:50Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Docker-Desktop-lt-4-27-1-vulnerability-on-R81-10/m-p/208365#M39454 <P>Software components installed on Gaia may not be the latest versions, but are fully patched/maintained by Check Point for security issues.<BR />You also cannot update these components independently of our update mechanisms (e.g. JHF).</P> Mon, 11 Mar 2024 17:25:13 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Docker-Desktop-lt-4-27-1-vulnerability-on-R81-10/m-p/208365#M39454 PhoneBoy 2024-03-11T17:25:13Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Docker-Desktop-lt-4-27-1-vulnerability-on-R81-10/m-p/208379#M39460 <P>is there a plan to upgrade past docker desktop 1.13.1 seems like we're pretty far behind.</P> Mon, 11 Mar 2024 18:17:54 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Docker-Desktop-lt-4-27-1-vulnerability-on-R81-10/m-p/208379#M39460 philip_zempel 2024-03-11T18:17:54Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Docker-Desktop-lt-4-27-1-vulnerability-on-R81-10/m-p/208389#M39462 <P>I assume there is, but it would only be done in the context of a major release if deemed necessary.<BR />If you have questions about a specific CVE, you can post them here or query via TAC.</P> Mon, 11 Mar 2024 18:35:58 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Docker-Desktop-lt-4-27-1-vulnerability-on-R81-10/m-p/208389#M39462 PhoneBoy 2024-03-11T18:35:58Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Docker-Desktop-lt-4-27-1-vulnerability-on-R81-10/m-p/210470#M39877 <P>Docker Desktop &lt; 4.27.1 Multiple Vulnerabilities</P><P>Plugin Output:<BR />Path : /bin/docker<BR />Installed version : 1.13.1<BR />Fixed version : 4.27.1</P><P>CVE-2024-21626,CVE-2024-23650,CVE-2024-23651,CVE-2024-23652,CVE-2024-23653,CVE-2024-23657</P><P>IAVA #2024-A-0071</P><P><A href="http://www.nessus.org/u?992441ea" target="_blank">http://www.nessus.org/u?992441ea</A><BR /><A href="http://www.nessus.org/u?910afe4d" target="_blank">http://www.nessus.org/u?910afe4d</A></P> Thu, 04 Apr 2024 15:43:12 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Docker-Desktop-lt-4-27-1-vulnerability-on-R81-10/m-p/210470#M39877 gonzalme 2024-04-04T15:43:12Z