Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Unpassworded 'root' Account (Telnet)

Information

Severity

Severity

Critical

Family

Family

Default Accounts

CVSSv2 Base

CVSSv2 Base

10.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Workaround

Created

Created

4 years ago

Modified

Modified

4 years ago

Share

Summary

The remote host has set no password for the root account.

Insight

Insight

It was possible to login with the 'root' username and without passing a password.

Affected Software

Affected Software

Versions of the Official Alpine Linux Docker images (since v3.3) are known to be affected. Other products / devices might be affected as well.

Detection Method

Detection Method

Try to login with a 'root' username and without a password.

Solution

Solution

Set a password for the 'root' account. If this is an Alpine Linux Docker image update to one of the following image releases: edge (20190228 snapshot), v3.9.2, v3.8.4, v3.7.3, v3.6.5.

Common Vulnerabilities and Exposures (CVE)

References