Vulnerability Details CVE-2020-29601
The official notary docker images before signer-0.6.1-1 contain a blank password for a root user. System using the notary docker container deployed by affected versions of the docker image may allow an remote attacker to achieve root access with a blank password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2020-29601
-
cpe:2.3:a:docker:notary_docker_image:0.2.0
-
cpe:2.3:a:docker:notary_docker_image:0.3.0
-
cpe:2.3:a:docker:notary_docker_image:0.4.2
-
cpe:2.3:a:docker:notary_docker_image:0.5.0
-
cpe:2.3:a:docker:notary_docker_image:0.6.1
-
cpe:2.3:a:docker:notary_docker_image:0.6.1-1
-
cpe:2.3:a:docker:notary_docker_image:0.6.1-2
-
cpe:2.3:a:docker:notary_docker_image:signer-0.2.0