Blank Password Vulnerability in Express Gateway Docker Images

Blank Password Vulnerability in Express Gateway Docker Images

CVE-2020-29579 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The official Express Gateway Docker images before 1.14.0 contain a blank password for a root user. Systems using the Express Gateway Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access.

Learn more about our Cis Benchmark Audit For Docker.