Lucene search
F5F5:K44453423HistoryJul 01, 2020 - 12:00 a.m.
K44453423 : IP-in-IP Packet Processing vulnerability CVE-2020-10136
2020-07-0100:00:00
my.f5.com
17
Security Advisory Description
Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1) decapsulate and route IP-in-IP traffic without any validation, which could allow an unauthenticated remote attacker to route arbitrary traffic via an exposed network interface and lead to spoofing, access control bypass, and other unexpected network behaviors. (CVE-2020-10136)
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
hackerone
hackerone
cisco
cisco
Cisco NX-OS Software Unexpected IP in IP Packet Processing Vulnerability
2020-06-01 16:00:00
redhatcve
redhatcve
CVE-2020-10136
2020-06-10 06:54:44
cert
cert
IP-in-IP protocol routes arbitrary traffic by default
2020-06-02 00:00:00
nessus
nessus
nvd
nvd
CVE-2020-10136
2020-06-02 09:15:09
prion
prion
Improper access control
2020-06-02 09:15:00
cvelist
cvelist
cve
cve
CVE-2020-10136
2020-06-02 09:15:09
threatpost
threatpost
Severe Cisco DoS Flaw Can Cripple Nexus Switches
2020-06-02 16:16:31