Config files : Docker daemon socket exposure

Classification

CWE

Overview

If your docker daemon is running with -H tcp://0.0.0.0:XXX or similar it is exposing un-encrypted and un-authenticated direct access to the Docker daemon.

References

1.OWASP Docker Security Cheat Sheet 2.CWE-657: Violation of Secure Design Principles

MEDIUM

Config files : Docker daemon socket exposure

Classification

Overview

References

DerScanner Severity Score

Do you want to fix Config files : Docker daemon socket exposure in your application?

See also

Config files : Text4Shell Vulnerability

Config files : Incorrect directory deletion

Config files : Code injection