10
CVE-2020-29579
- EPSS 2.07%
- Veröffentlicht 08.12.2020 16:15:12
- Zuletzt bearbeitet 21.11.2024 05:24:15
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe official Express Gateway Docker images before 1.14.0 contain a blank password for a root user. Systems using the Express Gateway Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Express-gateway ≫ Express-gateway Docker Image Version < 1.14.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.07% | 0.823 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|