Published: 17/12/2020 Updated: 18/12/2020

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

The official drupal docker images prior to 8.5.10-fpm-alpine (Alpine specific) contain a blank password for a root user. System using the drupal docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root access with a blank password.

Vulnerable Product	Search on Vulmon	Subscribe to Product
drupal drupal docker images 8.3.0-fpm-alpine
drupal drupal docker images

This project is exploit for some docker containers with similar to vulnerability code: CVE-2020-35191

MegaHiDocker This project will be exploited for some docker containers with similar vulnerability code: CVE-2020-35191, but this time on other containers => Please read the Descriptiontxt file Requirement: 1Need to Install docker in your Linux AND Install subprocess module for python 3X 2You need pull the your containers and next run this code(eg: docker pull ) Th

CWE-306 https://github.com/koharin/koharin2/blob/main/CVE-2020-35191 https://nvd.nist.gov https://github.com/megadimenex/MegaHiDocker

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-35191

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect