CVE-2016-6595
Summary
| CVE | CVE-2016-6595 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-01-04 20:59:00 UTC |
| Updated | 2026-05-06 22:30:45 UTC |
| Description | The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service (prevention of cluster joins) via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that is left by old nodes. At some point the manager obviously stops being able to accept new nodes, since it runs out of memory. Given that both for Docker swarm and for Docker Swarmkit nodes are *required* to provide a secret token (it's actually the only mode of operation), this means that no adversary can simply join nodes and exhaust manager resources. We can't do anything about a manager running out of memory and not being able to add new legitimate nodes to the system. This is merely a resource provisioning issue, and definitely not a CVE worthy vulnerability. |
Risk And Classification
Primary CVSS: v3.0 6.5 MEDIUM from [email protected]
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.006490000 probability, percentile 0.709060000 (date 2026-05-11)
Problem Types: CWE-399 | n/a
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.0 | [email protected] | Primary | 6.5 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| 2.0 | [email protected] | Primary | 4 | AV:N/AC:L/Au:S/C:N/I:N/A:P |
CVSS v3.0 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
LowUser Interaction
NoneScope
UnchangedConfidentiality
NoneIntegrity
NoneAvailability
HighCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
SingleConfidentiality
NoneIntegrity
NoneAvailability
PartialAV:N/AC:L/Au:S/C:N/I:N/A:P
NVD Known Affected Configurations (CPE 2.3)
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| oss-security - Re: cve request: docker swarmkit Dos occurs by repeatly joining and quitting swam cluster as a node | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Third Party Advisory |
| Docker Unspecified Flaw Lets Remote Authenticated Users Deny Service on the Target Swarm Cluster - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| oss-security - Re: cve request: docker swarmkit Dos occurs by repeatly joining and quitting swam cluster as a node | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Third Party Advisory |
| oss-security - Re: Re: cve request: docker swarmkit Dos occurs by repeatly joining and quitting swam cluster as a node | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Third Party Advisory |
| Docker Swarmkit Local Denial of Service Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.