Critical Alpine Docker Vulnerability Allows Root Access with Null Password
A serious vulnerability in Alpine Docker images, tracked as CVE-2019-5021, allows root user access with a null password. This issue affects systems using Alpine Linux containers with Linux PAM or similar mechanisms. It was publicly disclosed in November 2019.
The vulnerability, present in Alpine Docker images version 3.3 and later, was introduced by a maintainer and impacts official images. Systems using affected containers may accept a null password for the root user, posing a significant security risk.
Qualys Container Security can detect this vulnerability during various stages of the Docker image lifecycle. It provides a dashboard to track the issue across images and containers. For CI/CD pipelines using Jenkins or Bamboo, the Qualys plugin can identify the vulnerability during the build process. To fix the issue, users should add a specific line to their Dockerfile or remove linux-pam if installed.
The vulnerability, identified as CVE-2019-5021 and QID 371776, is a critical concern for systems using affected Alpine Linux containers. Qualys Container Security offers detection and tracking, with a free trial available upon request. To mitigate the risk, users should promptly address the issue in their Docker images.