CVE-2020-35467
First published: Tue Dec 15 2020(Updated: )
The Docker Docs Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the Docker Docs container may allow a remote attacker to achieve root access with a blank password.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| <=2020-12-14 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this Docker Docs vulnerability?
The vulnerability ID for this Docker Docs vulnerability is CVE-2020-35467.
What is the severity of CVE-2020-35467?
The severity of CVE-2020-35467 is critical with a severity value of 9.8.
How can a remote attacker exploit CVE-2020-35467?
A remote attacker can exploit CVE-2020-35467 by using a blank password for the root user to achieve root access.
How can I check if my system is affected by CVE-2020-35467?
You can check if your system is affected by CVE-2020-35467 by verifying the Docker Docs Docker image version and ensuring it is up to 2020-12-14.
How do I fix CVE-2020-35467?
To fix CVE-2020-35467, update the Docker Docs Docker image to a version that does not contain a blank password for the root user.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/docker