CVE-2020-35186

Name of the Vulnerable Software and Affected Versions adminer versions prior to 4.7.0-fastcgi

Description The official adminer docker images contain a blank password for a root user. Systems using the adminer docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.

Recommendations For versions prior to 4.7.0-fastcgi, update to version 4.7.0-fastcgi or later to resolve the issue. As a temporary workaround, consider changing the root password to a secure value until a patch is applied. Restrict access to the adminer docker container to minimize the risk of exploitation.