Skip to content

H3-2021-0010

Unauthenticated Docker Engine API Access

Category SECURITY_MISCONFIGURATION
Base Score 8.0

Description

The Docker Engine API is accessible without authentication.

Impact

An attacker could gain full control of all Docker daemon resources and functionality through API access.

References