PT-2020-17335 · Software Ag · Software Ag Terracotta Server Oss

Published

2020-12-15

Updated

2020-12-17

CVE-2020-35469

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Software AG Terracotta Server OSS Docker image version 5.4.1

Description The issue concerns a blank password for the root user in the affected Docker image. This could allow a remote attacker to gain root access with a blank password.

Recommendations For Software AG Terracotta Server OSS Docker image version 5.4.1, update the root user password to a secure value to prevent unauthorized access.

Exploit

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2020-35469

Affected Products

Software Ag Terracotta Server Oss

PT-2020-17335 · Software Ag · Software Ag Terracotta Server Oss

CVE-2020-35469

Weakness Enumeration

Related Identifiers

Affected Products

References · 4