Vulnerability Details CVE-2020-29577
The official znc docker images before 1.7.1-slim contain a blank password for a root user. Systems using the znc docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2020-29577
-
cpe:2.3:a:znc:znc_docker_image:1.6
-
cpe:2.3:a:znc:znc_docker_image:1.6-slim
-
cpe:2.3:a:znc:znc_docker_image:1.6.4
-
cpe:2.3:a:znc:znc_docker_image:1.6.4-slim
-
cpe:2.3:a:znc:znc_docker_image:1.6.5
-
cpe:2.3:a:znc:znc_docker_image:1.6.5-slim
-
cpe:2.3:a:znc:znc_docker_image:1.6.6
-
cpe:2.3:a:znc:znc_docker_image:1.6.6-slim
-
cpe:2.3:a:znc:znc_docker_image:1.7.0
-
cpe:2.3:a:znc:znc_docker_image:1.7.0-slim
-
cpe:2.3:a:znc:znc_docker_image:1.7.1-slim