Design/Logic Flaw

The Blackfire Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the Blackfire container may allow a remote attacker to achieve root access with a blank password...

Design/Logic Flaw

Version 3.16.0 of the CoScale agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the CoScale agent container may allow a remote attacker to achieve root access with a blank password...

CVE-2020-35193

The CVE-2020-35193 entry concerns the official SonarQube Docker images prior to Alpine (Alpine-specific). The root cause is a blank root password in these images, which may allow a remote attacker to obtain root access when deploying the SonarQube container. NVD metrics indicate a high-severity i...

CVE-2020-35193

The official sonarqube docker images before alpine Alpine specific contain a blank password for a root user. System using the sonarqube docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password...

CVE-2020-35469

The Software AG Terracotta Server OSS Docker image 5.4.1 contains a blank password for the root user. Systems deployed using affected versions of the Terracotta Server OSS container may allow a remote attacker to achieve root access with a blank password...

CVE-2020-35469

The CVE-2020-35469 entry concerns Software AG Terracotta Server OSS Docker image 5.4.1, which contains a blank password for the root user. The affected container could allow a remote attacker to gain root access due to the unauthenticated, blank credentials, per the provided descriptions. The con...

CVE-2020-35468

The CVE-2020-35468 entry concerns the Appbase streams Docker image 2.1.2, where a blank root password creates a remote root-access risk. The Red Hat record mirrors this description. The available documents do not provide exploitation details, affected versions beyond 2.1.2, or remediation steps. ...

CVE-2020-35468

The Appbase streams Docker image 2.1.2 contains a blank password for the root user. Systems deployed using affected versions of the streams container may allow a remote attacker to achieve root access with a blank password...

CVE-2020-35467

The CVE-2020-35467 entry concerns the Docker Docs Docker image (up to 2020-12-14). The root user is configured with a blank password, enabling a remote attacker to achieve root access on systems deployed with affected containers. The provided sources confirm the presence of a blank-root-password ...

CVE-2020-35467

The Docker Docs Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the Docker Docs container may allow a remote attacker to achieve root access with a blank password...

CVE-2020-35466

The Blackfire Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the Blackfire container may allow a remote attacker to achieve root access with a blank password...

CVE-2020-35466

The CVE-2020-35466 entry concerns the Blackfire Docker image (through 2020-12-14) that ships with a blank root password. This creates a potential remote root-access risk for systems running affected containers. Built-in details across sources confirm the impact as remote, with no user interaction...

CVE-2020-35464

The CVE-2020-35464 entry concerns the Weave Cloud Agent Docker image, version 1.3.0, which ships with a blank root password. This vulnerability could allow a remote attacker to gain root access to affected systems. The available documents confirm the issue but do not provide exploit details or a ...

CVE-2020-35464

Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the Weave Cloud Agent container may allow a remote attacker to achieve root access with a blank password...

CVE-2020-35463

The CVE-2020-35463 entry refers to Version 1.0.0 of the Instana Dynamic APM Docker image containing a blank root password, enabling a remote attacker to gain root access on affected containers. This root-access risk is supported by multiple connected records (RH Red Hat advisory, CNVD, NVD) that ...

CVE-2020-35463

Version 1.0.0 of the Instana Dynamic APM Docker image contains a blank password for the root user. Systems deployed using affected versions of the Instana Dynamic APM container may allow a remote attacker to achieve root access with a blank password...

CVE-2020-35462

CVE-2020-35462 pertains to Version 3.16.0 of the CoScale agent Docker image, which contains a blank password for the root user. The description indicates that systems deployed using affected container versions may allow a remote attacker to obtain root access with a blank password. The available ...

CVE-2020-35462

Version 3.16.0 of the CoScale agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the CoScale agent container may allow a remote attacker to achieve root access with a blank password...

vulhubs

It is an offensive tool for web application security training. The primary vulnerability targeted by this tool is not explicitly stated, but based on the provided code and metadata, it appears to be a collection of vulnerable docker environments for web application security training. The tool...

CoScale agent Docker image security vulnerability

Docker is an open source application container engine from the American company Docker. The product supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment, and upgrading of applications...