Vulnerabilities > CVE-2020-10749

CVSS 6.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

LOW

network

high complexity

linuxfoundation

redhat

fedoraproject

NVD

Published: 2020-06-03

Updated: 2023-11-07

Summary

A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.

Vulnerable Configurations

Part	Description	Count
Application	Linuxfoundation Linuxfoundation CNI Network Plugins 0.1.0 Linuxfoundation CNI Network Plugins 0.2.0 Linuxfoundation CNI Network Plugins 0.3.0 Linuxfoundation CNI Network Plugins 0.6.0 Linuxfoundation CNI Network Plugins 0.7.0 Linuxfoundation CNI Network Plugins 0.7.1 Linuxfoundation CNI Network Plugins 0.7.2 Linuxfoundation CNI Network Plugins 0.7.3 Linuxfoundation CNI Network Plugins 0.7.4 Linuxfoundation CNI Network Plugins 0.7.5 Linuxfoundation CNI Network Plugins 0.7.6 Linuxfoundation CNI Network Plugins 0.8.0 Linuxfoundation CNI Network Plugins 0.8.1 Linuxfoundation CNI Network Plugins 0.8.2 Linuxfoundation CNI Network Plugins 0.8.3 Linuxfoundation CNI Network Plugins 0.8.4 Linuxfoundation CNI Network Plugins 0.8.5	27
Application	Redhat Redhat Openshift Container Platform 4.0	1
OS	Redhat Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 8.0	2
OS	Fedoraproject Fedoraproject Fedora 32	1

Vulnerabilities > CVE-2020-10749 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2020-10749"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2020-10749