Lucene search

K
cvelistTigeraCVELIST:CVE-2020-13597
HistoryJun 03, 2020 - 4:44 p.m.

CVE-2020-13597 Calico nodes IPv6 traffic redirection from route advertisment

2020-06-0316:44:38
CWE-201
Tigera
www.cve.org
7
cve-2020-13597
calico
ipv6
traffic redirection
information disclosure
route advertisement
vulnerability
network traffic

CVSS3

6

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L

AI Score

6

Confidence

High

EPSS

0.001

Percentile

29.8%

Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node’s IPv6 interface due to the node accepting route advertisement by default, allowing the attacker to redirect full or partial network traffic from the node to the compromised pod.

CNA Affected

[
  {
    "product": "Calico",
    "vendor": "Tigera Inc",
    "versions": [
      {
        "status": "affected",
        "version": "3.14.0"
      },
      {
        "lessThanOrEqual": "3.13.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "3.12.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "3.11.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "3.10.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "3.9.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "3.8.8",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "3.7.x"
      },
      {
        "status": "affected",
        "version": "3.6.x"
      },
      {
        "status": "affected",
        "version": "3.5.x"
      },
      {
        "status": "affected",
        "version": "3.4.x"
      },
      {
        "status": "affected",
        "version": "3.3.x"
      },
      {
        "status": "affected",
        "version": "3.2.x"
      },
      {
        "status": "affected",
        "version": "3.1.x"
      },
      {
        "status": "affected",
        "version": "3.0.x"
      },
      {
        "status": "affected",
        "version": "2.6.x"
      },
      {
        "status": "affected",
        "version": "2.5.x"
      },
      {
        "status": "affected",
        "version": "2.4.x"
      },
      {
        "status": "affected",
        "version": "2.3.x"
      },
      {
        "status": "affected",
        "version": "2.2.x"
      },
      {
        "status": "affected",
        "version": "2.1.x"
      },
      {
        "status": "affected",
        "version": "2.0.x"
      },
      {
        "status": "affected",
        "version": "1.6.x"
      },
      {
        "status": "affected",
        "version": "1.5.x"
      }
    ]
  },
  {
    "product": "Calico Enterprise",
    "vendor": "Tigera Inc",
    "versions": [
      {
        "lessThanOrEqual": "2.8.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "2.7.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "2.6.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "2.5.x"
      },
      {
        "status": "affected",
        "version": "2.4.x"
      },
      {
        "status": "affected",
        "version": "2.3.x"
      },
      {
        "status": "affected",
        "version": "2.2.x"
      },
      {
        "status": "affected",
        "version": "2.1.x"
      },
      {
        "status": "affected",
        "version": "2.0.x"
      }
    ]
  }
]

CVSS3

6

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L

AI Score

6

Confidence

High

EPSS

0.001

Percentile

29.8%