Portainer: >> Portainer >> 1.10.2 Security Vulnerabilities
In Portainer Agent before 2.11.1, an API server can continue running even if not associated with a Portainer instance in the past few days.
CVSS Score
9.8
EPSS Score
0.009
Published
2022-02-11
An unauthorized access vulnerabiitly exists in all versions of Portainer, which could let a malicious user obtain sensitive information. NOTE: Portainer has received no detail of this CVE report. There is also no response after multiple attempts of contacting the original source.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-10-29
Cross Site Scripting (XSS vulnerability exists in Portainer before 2.9.1 via the node input box in Custom Templates.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-10-18
Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical capabilities such as SYS_MODULE, which can be used to take over the Docker host.
CVSS Score
8.8
EPSS Score
0.013
Published
2021-03-16
Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and not the server-side, which can lead to spawning a container with bind mount. Once such a container is spawned, it can be leveraged to break out of the container leading to complete Docker host machine takeover.
CVSS Score
9.8
EPSS Score
0.044
Published
2021-03-16
Portainer before 1.22.1 has Incorrect Access Control (issue 1 of 4).
CVSS Score
9.9
EPSS Score
0.004
Published
2019-11-07
Portainer before 1.22.1 allows Directory Traversal.
CVSS Score
7.5
EPSS Score
0.008
Published
2019-11-07
Portainer before 1.22.1 has Incorrect Access Control (issue 4 of 4).
CVSS Score
8.8
EPSS Score
0.005
Published
2019-11-07
Portainer before 1.22.1 has XSS (issue 2 of 2).
CVSS Score
5.4
EPSS Score
0.003
Published
2019-11-07
Portainer before 1.22.1 has XSS (issue 1 of 2).
CVSS Score
5.4
EPSS Score
0.004
Published
2019-11-07
Page 1