Lucene search
PRIOn knowledge basePRION:CVE-2020-10749HistoryJun 03, 2020 - 2:15 p.m.
Design/Logic Flaw
2020-06-0314:15:00
PRIOn knowledge base
www.prio-n.com
5
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fedora | eq | 32 | |
| cni_network_plugins | lt | 0.8.6 | |
| enterprise_linux | eq | 7.0 | |
| enterprise_linux | eq | 8.0 | |
| openshift_container_platform | eq | 4.0 |
References
lists.opensuse.org/opensuse-security-announce/2020-07/msg00063.html
lists.opensuse.org/opensuse-security-announce/2020-07/msg00065.html
bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10749
groups.google.com/forum/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DV3HCDZYUTPPVDUMTZXDKK6IUO3JMGJC/
Related
nessus
nessus
RHEL 7 / 8 : OpenShift Container Platform 4.3.25 containernetworking-plugins (RHSA-2020:2443)
2020-06-17 00:00:00
Fedora 32 : golang-github-containernetworking-plugins (2021-ccb8a9c403)
2021-01-11 00:00:00
SUSE SLES15 Security Update : cni-plugins (SUSE-SU-2020:1957-1)
2020-07-21 00:00:00
cve
cve
CVE-2020-10749
2020-06-03 14:15:12
suse
suse
Security update for cni-plugins (moderate)
2020-07-23 00:00:00
Security update for cni-plugins (moderate)
2020-07-23 00:00:00
redhat
redhat
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:1957-1)
2021-06-09 00:00:00
Fedora: Security Advisory for golang-github-containernetworking-plugins (FEDORA-2021-ccb8a9c403)
2021-01-11 00:00:00
openSUSE: Security Advisory for cni-plugins (openSUSE-SU-2020:1050-1)
2020-07-24 00:00:00
alpinelinux
alpinelinux
CVE-2020-10749
2020-06-03 14:15:12
debiancve
debiancve
CVE-2020-10749
2020-06-03 14:15:12
ubuntucve
ubuntucve
CVE-2020-10749
2020-06-03 00:00:00
osv
osv
CVE-2020-10749
2020-06-03 14:15:12
containernetworking/plugins vulnerable to MitM attacks
2022-05-24 17:19:02
Moderate: container-tools:rhel8 security, bug fix, and enhancement update
2020-11-03 12:27:37
ibm
ibm
cvelist
cvelist
CVE-2020-10749
2020-06-03 13:45:39
fedora
fedora
veracode
veracode
Man-in-the-middle (MitM)
2020-06-04 01:17:56
github
github
containernetworking/plugins vulnerable to MitM attacks
2022-05-24 17:19:02
redhatcve
redhatcve
CVE-2020-10749
2022-05-14 11:41:21
githubexploit
githubexploit
Exploit for CVE-2020-10749
2020-06-11 15:42:18
nvd
nvd
CVE-2020-10749
2020-06-03 14:15:12
f5
f5
K000134802 : Kubernetes vulnerability CVE-2020-10749
2023-05-25 00:00:00
oraclelinux
oraclelinux
kubernetes kubeadm-ha-setup kubernetes-cni kubernetes-cni-plugins security update
2020-06-12 00:00:00
kubernetes-cni-plugins kubernetes-cni kubernetes olcne security update
2020-06-12 00:00:00
container-tools:ol8 security, bug fix, and enhancement update
2020-11-10 00:00:00
almalinux
almalinux
Moderate: container-tools:rhel8 security, bug fix, and enhancement update
2020-11-03 12:27:37
rocky
rocky
container-tools:rhel8 security, bug fix, and enhancement update
2020-11-03 12:27:37