RSS   Vulnerabilities for 'Sonarqube docker image'   RSS

2020-12-16
 
CVE-2020-35193

CWE-306
 

 
The official sonarqube docker images before alpine (Alpine specific) contain a blank password for a root user. System using the sonarqube docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.

 

 >>> Vendor: Sonarsource 4 Products
Jenkins plugin
Sonarqube
Sonarqube scanner
Sonarqube docker image


Copyright 2024, cxsecurity.com

 

Back to Top