Versions of the Official registry Docker images up to and including 2.7.0 contain a blank password for the root user. Systems deployed using affected versions of the registry container may allow a remote malicious user to achieve root access with a blank password.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
docker registry 2.5 |
||
docker registry 2.5.0 |
||
docker registry 2.5.1 |
||
docker registry 2.6.0 |
||
docker registry 2.6.1 |
||
docker registry 2.7.0 |