Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Plone CMS Missing Authentication for Critical Function Vulnerability - CVE-2020-35190 - Vulnerability Database
Plone CMS

Plone CMS Missing Authentication for Critical Function Vulnerability - CVE-2020-35190

Critical
Reference: CVE-2020-35190
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-35190
Title: Plone CMS Missing Authentication for Critical Function Vulnerability
Overview:

The official plone Docker images before version of 4.3.18-alpine (Alpine specific) contain a blank password for a root user. System using the plone docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.