Unfortunately we cannot upgrade the base image for Buster because it uses the official Debian repositories, which define what versions packages are pinned to. We can only upgrade the packages installed on the host OS.
There are a few of other options though:
You may build in the Dockerfile for that container NetworkManager. You may do that on top of your Dockerfile, so that cache is used when you modify later lines there. For making the images smaller in this case you may use multistage bukds - https://www.balena.io/docs/reference/base-images/base-images/.
Probably a better option I would personally prefer is to not use nmcli at all, but retrieve the information through a NetworkManager client library. That will take extra time to develop though. You may check examples in different languages here: https://github.com/NetworkManager/NetworkManager/tree/master/examples
Or you may omit from your application getting the password. I guess it is for editing purposes, so you may just make the users enter it from scratch.