CVE-2020-13597 Calico nodes IPv6 traffic redirection from route advertisment

🗓️ 03 Jun 2020 16:44:38Reported by TigeraType

Calico nodes vulnerability to IPv6 traffic redirectio

Reporter	Title	Published	Views	Family All 17
IBM Security Bulletins	Security Bulletin: IBM Cloud Kubernetes Service is affected by a vulnerability in CNI IPv6 route advertisement (CVE-2020-13597)	24 Jun 202016:32	–	ibm
CNVD	Tigera Calico Information Disclosure Vulnerability	4 Jun 202000:00	–	cnvd
CVE	CVE-2020-13597	3 Jun 202016:44	–	cve
EUVD	EUVD-2022-1122	3 Oct 202520:07	–	euvd
Github Security Blog	Exposure of Sensitive Information to an Unauthorized Actor and Insertion of Sensitive Information Into Sent Data in Calico	15 Feb 202201:57	–	github
NVD	CVE-2020-13597	3 Jun 202017:15	–	nvd
OSV	CGA-286X-2VPM-XRH8	6 Jun 202412:09	–	osv
OSV	CGA-2CVJ-F2MR-FC7R	6 Jun 202412:18	–	osv
OSV	CGA-8W7Q-72FP-MWQP	29 Jan 202600:47	–	osv
OSV	GHSA-PF59-J7C2-RH6X Exposure of Sensitive Information to an Unauthorized Actor and Insertion of Sensitive Information Into Sent Data in Calico	15 Feb 202201:57	–	osv

[
  {
    "product": "Calico",
    "vendor": "Tigera Inc",
    "versions": [
      {
        "status": "affected",
        "version": "3.14.0"
      },
      {
        "lessThanOrEqual": "3.13.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "3.12.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "3.11.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "3.10.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "3.9.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "3.8.8",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "3.7.x"
      },
      {
        "status": "affected",
        "version": "3.6.x"
      },
      {
        "status": "affected",
        "version": "3.5.x"
      },
      {
        "status": "affected",
        "version": "3.4.x"
      },
      {
        "status": "affected",
        "version": "3.3.x"
      },
      {
        "status": "affected",
        "version": "3.2.x"
      },
      {
        "status": "affected",
        "version": "3.1.x"
      },
      {
        "status": "affected",
        "version": "3.0.x"
      },
      {
        "status": "affected",
        "version": "2.6.x"
      },
      {
        "status": "affected",
        "version": "2.5.x"
      },
      {
        "status": "affected",
        "version": "2.4.x"
      },
      {
        "status": "affected",
        "version": "2.3.x"
      },
      {
        "status": "affected",
        "version": "2.2.x"
      },
      {
        "status": "affected",
        "version": "2.1.x"
      },
      {
        "status": "affected",
        "version": "2.0.x"
      },
      {
        "status": "affected",
        "version": "1.6.x"
      },
      {
        "status": "affected",
        "version": "1.5.x"
      }
    ]
  },
  {
    "product": "Calico Enterprise",
    "vendor": "Tigera Inc",
    "versions": [
      {
        "lessThanOrEqual": "2.8.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "2.7.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "2.6.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "2.5.x"
      },
      {
        "status": "affected",
        "version": "2.4.x"
      },
      {
        "status": "affected",
        "version": "2.3.x"
      },
      {
        "status": "affected",
        "version": "2.2.x"
      },
      {
        "status": "affected",
        "version": "2.1.x"
      },
      {
        "status": "affected",
        "version": "2.0.x"
      }
    ]
  }
]

Source	Link
github	www.github.com/kubernetes/kubernetes/issues/91507
groups	www.groups.google.com/forum/
projectcalico	www.projectcalico.org/security-bulletins/

03 Jun 2020 16:44Current

6Medium risk

Vulners AI Score6

CVSS 3.16

EPSS0.00902

CWE-201