CyberSec.Space Logo
Back to CVE Browser

CVE-2020-29602

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1290%
EPSS Percentile6.74th
PublishedDec 8, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

The official irssi docker images before 1.1-alpine (Alpine specific) contain a blank password for a root user. System using the irssi docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.

Affected Platforms (CPE)

📦
Irssi

Docker Image

< 1.1-alpine

References & Advisories

🔗 https://github.com/koharin/koharin2/blob/main/CVE-2020-29602
🔗 https://github.com/koharin/koharin2/blob/main/CVE-2020-29602

Related Vulnerabilities

CVE-2014-935710.0

Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dock...

CVE-2019-50219.8

Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. This vulnerability a...

CVE-2020-117109.8

An issue was discovered in docker-kong (for Kong) through 2.0.3. The admin API port may be accessible on interfaces other than 127...

CVE-2020-295759.8

The official elixir Docker images before 1.8.0-alpine (Alpine specific) contain a blank password for a root user. Systems using th...