CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-29578

The official piwik Docker images before fpm-alpine (Alpine specific) contain a blank password for a root user. Systems using the Piwik Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.021

EPSS Ranking 83.0%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2020-29578

Matomo » Piwik Fpm-Alpine Docker Image » Version: 3

cpe:2.3:a:matomo:piwik_fpm-alpine_docker_image:3
Matomo » Piwik Fpm-Alpine Docker Image » Version: 3.5

cpe:2.3:a:matomo:piwik_fpm-alpine_docker_image:3.5
Matomo » Piwik Fpm-Alpine Docker Image » Version: 3.5.1

cpe:2.3:a:matomo:piwik_fpm-alpine_docker_image:3.5.1
Matomo » Piwik Fpm-Alpine Docker Image » Version: 3.6

cpe:2.3:a:matomo:piwik_fpm-alpine_docker_image:3.6
Matomo » Piwik Fpm-Alpine Docker Image » Version: 3.6.0

cpe:2.3:a:matomo:piwik_fpm-alpine_docker_image:3.6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-29578

Products

Pricing

Contact Us