CVE-2020-35194

Name of the Vulnerable Software and Affected Versions influxdb versions prior to 1.7.3-meta-alpine

Description The issue concerns a blank password for a root user in the official influxdb docker images. This could allow a remote attacker to achieve root access with a blank password, potentially affecting systems that use the influxdb docker container deployed by affected versions of the docker image.

Recommendations For versions prior to 1.7.3-meta-alpine, update to version 1.7.3-meta-alpine or later to resolve the issue. As a temporary workaround, consider changing the root password to a secure value until a patch is applied. Restrict access to the influxdb docker container to minimize the risk of exploitation.