H3-2021-0009

Unauthenticated Docker Registry API Access

Category: SECURITY_MISCONFIGURATION
Base Score: 5.5

Description

The Docker Registry API is accessible without requiring any authentication. The Docker Registry is a service that stores and distributes Docker container images. An attacker could exploit this misconfiguration by accessing the registry without needing any credentials. This would enable the attacker to list, pull, and inspect the details of all container images stored in the registry.
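A check an operator can run against their own registry to confirm this finding or verify the fix, added here as an example and not part of the original advisory. It relies on the Registry HTTP API V2 behaviour that an anonymous `GET /v2/` returns 200 when no authentication is enforced and 401 with a `WWW-Authenticate` challenge when it is; the host `registry.example.internal`, the helper names and the sample responses are constructed for illustration.

```python
import json
import urllib.error
import urllib.request

def http_get(url, timeout=5):
    """Anonymous GET (no Authorization header); returns (status, headers, body)."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, dict(resp.headers), resp.read()
    except urllib.error.HTTPError as err:  # 4xx/5xx still carry status and headers
        return err.code, dict(err.headers), err.read()

def audit(base_url, fetch=http_get):
    """Classify how a registry you operate answers the V2 API without credentials."""
    base = base_url.rstrip("/")
    status, headers, _ = fetch(base + "/v2/")
    hdrs = {k.lower(): v for k, v in headers.items()}
    version = hdrs.get("docker-distribution-api-version", "")
    result = {"is_registry": version.startswith("registry/2"),
              "finding": "unknown", "repositories": None}
    if status == 401:
        # Hardened state: the challenge header names the scheme (Basic or Bearer).
        has_challenge = "www-authenticate" in hdrs
        result["finding"] = "auth_required" if has_challenge else "401_without_challenge"
    elif status == 200 and result["is_registry"]:
        result["finding"] = "unauthenticated_access"
        cat_status, _, body = fetch(base + "/v2/_catalog")
        if cat_status == 200:
            # Count only (first page; the catalog is paginated) to size the exposure.
            result["repositories"] = len(json.loads(body).get("repositories", []))
    return result

def replay(responses):
    """Build an offline fetch() from constructed responses keyed by URL path."""
    return lambda url: responses[url.split("example.internal", 1)[1]]

# Constructed sample responses (not captured from a real registry).
API = {"Docker-Distribution-API-Version": "registry/2.0"}
OPEN = {"/v2/": (200, API, b"{}"),
        "/v2/_catalog": (200, API, b'{"repositories": ["app/web", "app/db"]}')}
LOCKED = {"/v2/": (401, {**API, "WWW-Authenticate": 'Basic realm="registry"'}, b"")}

if __name__ == "__main__":
    for name, sample in (("open", OPEN), ("locked", LOCKED)):
        print(name, audit("https://registry.example.internal/", replay(sample)))
```

Calling `audit()` with only a base URL uses the real `http_get`; a result of `auth_required` after enabling authentication confirms the misconfiguration is closed.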

Impact

Exploiting this misconfiguration could allow an attacker to gain insights into the configurations and contents of container images, potentially leading to further attacks or sensitive data exposure.

References