Описание
Versions of the Official kapacitor Docker images through 1.5.0-alpine contain a blank password for the root user. Systems deployed using affected versions of the kapacitor container may allow a remote attacker to achieve root access with a blank password.
Versions of the Official kapacitor Docker images through 1.5.0-alpine contain a blank password for the root user. Systems deployed using affected versions of the kapacitor container may allow a remote attacker to achieve root access with a blank password.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-29589
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5021
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29389
- https://github.com/donghyunlee00/CVE/blob/main/CVE-2020-29589
- https://github.com/influxdata/influxdata-docker
- https://hub.docker.com/_/kapacitor
CVE ID
Связанные уязвимости
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-5021. Reason: This candidate is a reservation duplicate of CVE-2019-5021. Notes: All CVE users should reference CVE-2019-5021 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage