Exposing Port 22 (SSH)

Query id: 5907595b-5b6d-4142-b173-dbb0e73fbff8
Query name: Exposing Port 22 (SSH)
Platform: Dockerfile
Severity: Low
Category: Best Practices
CWE: <a href="https://cwe.mitre.org/data/definitions/710.html" onclick="newWindowOpenerSafe(event, 'https://cwe.mitre.org/data/definitions/710.html')">710
URL: <a href="https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerfile/exposing_port_22">Github

Expose only the ports that your application needs and avoid exposing ports like SSH (22)
Documentation

Positive test num. 1 - dockerfile file

FROM gliderlabs/alpine:3.3
RUN apk --no-cache add nginx
EXPOSE 3000 80 443 22
CMD ["nginx", "-g", "daemon off;"]

Negative test num. 1 - dockerfile file

FROM gliderlabs/alpine:3.3
RUN apk --no-cache add nginx
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]