Vulnerability Details : CVE-2020-10749
Potential exploit
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
Products affected by CVE-2020-10749
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
- cpe:2.3:a:linuxfoundation:cni_network_plugins:*:*:*:*:*:*:*:*
Threat overview for CVE-2020-10749
Top countries where our scanners detected CVE-2020-10749
Top open port discovered on systems with this issue
53
IPs affected by CVE-2020-10749 676,563
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2020-10749!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2020-10749
3.60%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 87 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-10749
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.0
|
MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:P |
6.8
|
6.4
|
NIST | |
|
6.0
|
MEDIUM | CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L |
1.8
|
3.7
|
Red Hat, Inc. | |
|
6.0
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L |
1.8
|
3.7
|
NIST |
CWE ids for CVE-2020-10749
-
The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.Assigned by: secalert@redhat.com (Secondary)
References for CVE-2020-10749
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DV3HCDZYUTPPVDUMTZXDKK6IUO3JMGJC/
[SECURITY] Fedora 32 Update: golang-github-containernetworking-plugins-0.9.0-1.fc32 - package-announce - Fedora Mailing-ListsThird Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10749
1833220 – (CVE-2020-10749) CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clustersIssue Tracking;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00065.html
[security-announce] openSUSE-SU-2020:1050-1: moderate: Security update fBroken Link;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00063.html
[security-announce] openSUSE-SU-2020:1049-1: moderate: Security update fBroken Link;Third Party Advisory
-
https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8
IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements - Google GroepenMailing List;Third Party Advisory
Jump to