9165 matches found

Cvelist · added 2020/04/17 3:57 p.m. · 10 views

CVE-2020-11878

The Jitsi Meet aka docker-jitsi-meet stack on Docker before stable-4384-1 uses default passwords such as passw0rd for system accounts...

AI score 9.6 · EPSS 0.0132
Exploits 0 · References 2

ThreatPost · added 2020/04/16 9:51 p.m. · 70 views

Poorly Secured Docker Image Comes Under Rapid Attack

In a vivid example of why cloud infrastructure needs strong security, a simple Docker container honeypot was used for four different criminal campaigns in the span of 24 hours, in a recent lab test. Akamai security researcher Larry Cashdollar set up the Docker image to see what kind of notice it...

AI score 7.4
Exploits 0 · References 13

Metasploit · added 2020/04/15 9:52 p.m. · 35 views

Docker-Credential-Wincred.exe Privilege Escalation

This exploit leverages a vulnerability in docker desktop community editions prior to 2.1.0.1 where an attacker can write a payload to a lower-privileged area to be executed automatically by the docker user at login. This module requires Metasploit: https://metasploit.com/download Current source:...

CVSS 7.8 · AI score 0.7 · EPSS 0.29628
Exploits 5

Gitee · added 2020/04/14 12:02 p.m. · 4 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to demonstrate various types of vulnerabilities. The probable entry points are the docker-compose files, which define the...

AI score 8.1
Exploits 0

CNVD · added 2020/04/13 12:00 a.m. · 3 views

Unspecified vulnerability exists in docker-kong

docker-kong is an API3 gateway product used in the Docker application container engine. A security vulnerability exists in docker-kong for Kong version 2.0.3 and earlier, which can be exploited by an attacker to access the admin API port on interfaces other than 127.0.0.1...

CVSS 9.8 · AI score 6.9 · EPSS 0.33825
Exploits 0 · References 1

OSV · added 2020/04/12 5:15 p.m. · 5 views

CVE-2020-11710

An issue was discovered in docker-kong for Kong through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argues that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. “1 Inaccurate Bug Scope - The issue scope was...

CVSS 9.8 · AI score 9.3
Exploits 0 · References 4

NVD · added 2020/04/12 5:15 p.m. · 14 views

CVE-2020-11710

An issue was discovered in docker-kong for Kong through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argues that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. “1 Inaccurate Bug Scope - The issue scope was...

CVSS 9.8 · AI score 9.3 · EPSS 0.33825
Exploits 0 · References 4

Prion · added 2020/04/12 5:15 p.m. · 17 views

Design/Logic Flaw

An issue was discovered in docker-kong for Kong through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argues that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. “1 Inaccurate Bug Scope - The issue scope was...

CVSS 7.5 · AI score 9.2 · EPSS 0.33825
Exploits 0 · References 4 · Affected Software 1

Cvelist · added 2020/04/12 4:04 p.m. · 14 views

CVE-2020-11710

An issue was discovered in docker-kong for Kong through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argues that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. “1 Inaccurate Bug Scope - The issue scope was...

AI score 9.4 · EPSS 0.33825
Exploits 0 · References 4

CVE · added 2020/04/12 4:04 p.m. · 130 views

CVE-2020-11710

CVE-2020-11710 affects docker-kong/Kong up to version 2.0.3, where the Admin API port may be exposed on interfaces other than 127.0.0.1. The evidence in connected documents centers on a Kong admin API access issue via docker-kong templates, with a vendor note that the scope/patch references are d...

CVSS 9.8 · AI score 9.2 · EPSS 0.33825
Exploits 0 · References 4 · Affected Software 1

Positive Technologies · added 2020/04/12 12:00 a.m. · 3 views

PT-2020-12797 · Kong · Docker-Kong

Name of the Vulnerable Software and Affected Versions: docker-kong versions through 2.0.3 Description: An issue was discovered where the admin API port may be accessible on interfaces other than 127.0.0.1. The vendor argues that this is not a vulnerability because it has an inaccurate bug scope a...

CVSS 9.8 · AI score 6.8 · EPSS 0.33825
Exploits 0 · References 12

Gitee · added 2020/04/08 2:01 p.m. · 8 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an offensive tool for vulnerability research and education. The primary CVE ID is not explicitly mentioned, but the repository contains various vulnerable environments based on Docker-Compose, including ones for CVE-2016-9086, CVE-2017-1000353, and CVE-2018-1000006. The target product/servi...

CVSS 9.8 · AI score 9.7 · EPSS 0.99686
Exploits 53

IBM Security Bulletins · added 2020/04/07 4:44 p.m. · 11 views

Security Bulletin: IBM Security Information Queue could reveal sensitive data in application error messages (CVE-2020-4164)

Summary In response to certain application errors, IBM Security Information Queue ISIQ could output messages that contain sensitive data, which could then be used to gain unauthorized system access. As of v1.0.6, ISIQ no longer includes sensitive data when outputting error messages. Vulnerability...

CVSS 4 · AI score 0.5 · EPSS 0.00978
Exploits 0 · Affected Software 1

IBM Security Bulletins · added 2020/04/07 4:40 p.m. · 17 views

Security Bulletin: IBM Security Information Queue does not prevent a product's owner from being modified (CVE-2020-4290)

Summary Each configured product in IBM Security Information Queue ISIQ has an owner who controls access to the product. It's possible for an attacker to intercept a product configuration request object and change the owner value, which would grant unauthorized access. As of v1.0.6, a product's...

CVSS 5.5 · AI score 0.5 · EPSS 0.0067
Exploits 0 · Affected Software 1

IBM Security Bulletins · added 2020/04/07 4:32 p.m. · 12 views

Security Bulletin: IBM Security Information Queue does not set the HttpOnly flag in session cookies (CVE-2020-4289)

Summary IBM Security Information Queue ISIQ does not sufficiently protect session cookies by setting the HttpOnly flag. Consequently, a client-side script could obtain sensitive information from an ISIQ cookie. As of v1.0.6, ISIQ sets the HttpOnly flag. Vulnerability Details CVEID: CVE-2020-4289...

CVSS 5.3 · AI score 0.6 · EPSS 0.01624
Exploits 0 · Affected Software 1

IBM Security Bulletins · added 2020/04/07 4:29 p.m. · 21 views

Security Bulletin: Insufficient command validation in IBM Security Information Queue (CVE-2020-4282)

Summary IBM Security Information Queue ISIQ does not implement encoding or escaping of command requests that originate in the web UI. For example, it would be possible to intercept a product configuration request, and replace the product name with illegal characters. As of v1.0.6, ISIQ performs...

CVSS 4.3 · AI score 1.1 · EPSS 0.00796
Exploits 0 · Affected Software 1

IBM Security Bulletins · added 2020/04/07 4:23 p.m. · 60 views

Security Bulletin: IBM Security Information Queue uses components with known vulnerabilities (CVE-2019-8331, CVE-2019-11358)

Summary The IBM Security Information Queue ISIQ web server utilizes a Node.js runtime environment. The environment includes several open source packages with known vulnerabilities. As of ISIQ v1.0.6, the open source packages have been upgraded to the recommended secure versions. Vulnerability...

CVSS 6.1 · AI score 0.6 · EPSS 0.87218
Exploits 5 · Affected Software 1

IBM Security Bulletins · added 2020/04/07 4:08 p.m. · 16 views

Security Bulletin: IBM Security Information Queue has insufficient session expiration (CVE-2020-4284)

Summary IBM Security Information Queue ISIQ does not have a mechanism for terminating idle UI sessions. This leaves an unattended ISIQ session vulnerable to being compromised. As of v1.0.6, ISIQ automatically terminates a session that has been idle for 60 minutes. The timeout value is configurabl...

CVSS 5.3 · AI score 0.3 · EPSS 0.01308
Exploits 0 · Affected Software 1

IBM Security Bulletins · added 2020/04/07 3:53 p.m. · 19 views

Security Bulletin: IBM Security Information Queue does not invalidate sessions after logout (CVE-2020-4291)

Summary IBM Security Information Queue ISIQ session identifiers are not properly invalidated upon user logout from ISIQ's web UI. This creates opportunities for an attacker to hijack a user session token. As of v1.0.6, ISIQ immediately invalidates the session token when a user logs out...

CVSS 4.7 · AI score 0.6 · EPSS 0.01208
Exploits 0 · Affected Software 1

ThreatPost · added 2020/04/03 7:31 p.m. · 69 views

Self-Propagating Malware Targets Thousands of Docker Ports Per Day

The Docker cloud containerization technology is under fire, with an organized, self-propagating cryptomining campaign targeting misconfigured open Docker Daemon API ports. Thousands of container-compromise attempts are being observed every day as part of the campaign, according to Gal Singer, a...

AI score 7.5
Exploits 0 · References 12