From 2e1199be9f3623bb424a331f44e15065e4e5fda9 Mon Sep 17 00:00:00 2001
From: MostInterestingBotInTheWorld
 <98333686+MostInterestingBotInTheWorld@users.noreply.github.com>
Date: Fri, 20 May 2022 11:52:59 -0400
Subject: [PATCH] Enhancement: misconfiguration/misconfigured-docker.yaml by mp

---
 misconfiguration/misconfigured-docker.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/misconfiguration/misconfigured-docker.yaml b/misconfiguration/misconfigured-docker.yaml
index ee9f22edfc..79d1061031 100644
--- a/misconfiguration/misconfigured-docker.yaml
+++ b/misconfiguration/misconfigured-docker.yaml
@@ -4,7 +4,7 @@ info:
   name: Docker Container - Misconfiguration Exposure
   author: dhiyaneshDK
   severity: critical
-  description: A Docker Container misconfiguration was discovered. The Docker daemon can listen for Docker Engine API requests via three different types of Socket unix, tcp, and fd. The default setup provides un-encrypted and un-authenticated direct access to the Docker daemon. It is conventional to use port 2375 for un-encrypted, and port 2376 for encrypted communication with the daemon.
+  description: A Docker container misconfiguration was discovered. The Docker daemon can listen for Docker Engine API requests via three different types of Socket - unix, tcp, and fd. With tcp enabled, the default setup provides un-encrypted and un-authenticated direct access to the Docker daemon. It is conventional to use port 2375 for un-encrypted, and port 2376 for encrypted communication with the daemon.
   reference:
     - https://madhuakula.com/content/attacking-and-auditing-docker-containers-using-opensource/attacking-docker-containers/misconfiguration.html
   tags: docker,unauth,devops