The official piwik Docker images before fpm-alpine (Alpine specific) contain a blank password for a root user. Systems using the Piwik Docker container deployed by affected versions of the Docker image may allow an remote malicious user to achieve root access.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
matomo piwik fpm-alpine docker image 3 |
||
matomo piwik fpm-alpine docker image 3.5 |
||
matomo piwik fpm-alpine docker image 3.5.1 |
||
matomo piwik fpm-alpine docker image 3.6 |
||
matomo piwik fpm-alpine docker image 3.6.0 |