CVE-2020-29580

Name of the Vulnerable Software and Affected Versions Storm Docker images versions prior to 1.2.1

Description The issue concerns a blank password for a root user in the official Storm Docker images. This could allow a remote attacker to gain root access with a blank password. Systems using the Storm Docker container deployed by affected versions of the Docker image are at risk.

Recommendations For versions prior to 1.2.1, update to version 1.2.1 or later to resolve the issue. As a temporary workaround, consider changing the root password to a secure value until a patch is applied. Restrict access to the Docker container to minimize the risk of exploitation.