PT-2020-12311 · Containernetworking+5 · Containernetworking-Plugins+5

Published: 2020-06-03 · Updated: 2024-08-20 · CVE-2020-10749

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

containernetworking/plugins versions prior to 0.8.6

Description

A vulnerability was found that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.

Recommendations

For versions prior to 0.8.6, update to version 0.8.6 or later to resolve the issue. As a temporary workaround, consider restricting the ability of containers to send IPv6 router advertisements to minimize the risk of exploitation.

Related Identifiers

ALSA-2020:4694
ALSA-2020_4059
ALSA-2020_4694
CESA-2020_4694
CVE-2020-10749
ELSA-2020-4694
ELSA-2020-5725
ELSA-2020-5726
ELSA-2020-5727
GHSA-FX6X-H9G4-56F8
GO-2023-1915
OPENSUSE-SU-2020:1049-1
OPENSUSE-SU-2020:1050-1
OPENSUSE-SU-2020_1049-1
OPENSUSE-SU-2020_1050-1
OPENSUSE-SU-2024:10689-1
RHSA-2020:2403
RHSA-2020:2443
RHSA-2020:2592
RHSA-2020:2684
RHSA-2020:4694
RHSA-2020_4694
RLSA-2020:4694
RLSA-2020_4694
SUSE-SU-2020:1957-1
SUSE-SU-2020_1957-1
SUSE-SU-2022:4151-1
SUSE-SU-2022_4151-1

Affected Products

AlmaLinux
CentOS
Red Hat
Rocky Linux
SUSE
Containernetworking-Plugins