Lucene search
CertccCVELIST:CVE-2020-10136HistoryJun 02, 2020 - 8:35 a.m.
CVE-2020-10136 IP-in-IP protocol allows a remote, unauthenticated attacker to route arbitrary network traffic
2020-06-0208:35:12
CWE-290
certcc
www.cve.org
10
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
CNA Affected
[
{
"vendor": "IETF",
"product": "RFC2003 - IP Encapsulation within IP",
"versions": [
{
"version": "STD 1",
"status": "affected"
}
]
}
]Related
hackerone
hackerone
cisco
cisco
Cisco NX-OS Software Unexpected IP in IP Packet Processing Vulnerability
2020-06-01 16:00:00
redhatcve
redhatcve
CVE-2020-10136
2020-06-10 06:54:44
cert
cert
IP-in-IP protocol routes arbitrary traffic by default
2020-06-02 00:00:00
nessus
nessus
f5
f5
K44453423 : IP-in-IP Packet Processing vulnerability CVE-2020-10136
2020-07-01 00:00:00
nvd
nvd
CVE-2020-10136
2020-06-02 09:15:09
prion
prion
Improper access control
2020-06-02 09:15:00
cve
cve
CVE-2020-10136
2020-06-02 09:15:09
threatpost
threatpost
Severe Cisco DoS Flaw Can Cripple Nexus Switches
2020-06-02 16:16:31