Details
The docker container solution is evolving to maturity and stability at a rapid pace. Like any
other software, the vendor releases regular updates for Docker software that address
security vulnerabilities, product bugs and bring in new functionality.
Keep a tab on these product updates and upgrade as frequently as when new security
vulnerabilities are fixed.
By staying up to date on Docker updates, vulnerabilities in the Docker software can be
mitigated. An educated attacker may exploit known vulnerabilities when attempting to
attain access or elevate privileges. Not installing regular Docker updates may leave you
with running vulnerable Docker software. It might lead to elevation privileges,
unauthorized access or other security breaches.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
Download and install the updated Docker software from official Docker repository.
Impact-None.
Default Value-Not Applicable
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Unix.