5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.011 Low
EPSS
Percentile
83.9%
A flaw was found in the IP-in-IP protocol. An unauthenticated attacker can use the IP-in-IP protocol to route network traffic through a vulnerable device, which can lead to spoofing, access control bypasses, and other unexpected network behaviors.
Systems that have IP in IP kernel modules loaded will need to unload the "ipip" kernel module and blacklist it to prevent the module from being used a fix has been provided ( See <https://access.redhat.com/solutions/41278> for a guide on how to blacklist modules).
Take careful consideration that if unloading and blacklisting the module, this may create a one-time attack vector window for a local attacker.
Consider using an alternative authenticated and encrypted tunnelling protocol until a suitable solution is developed.
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-securing_virtual_private_networks
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-setting_and_controlling_ip_sets_using_iptables
bugzilla.redhat.com/show_bug.cgi?id=1829625
nvd.nist.gov/vuln/detail/CVE-2020-10136
www.cve.org/CVERecord?id=CVE-2020-10136
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.011 Low
EPSS
Percentile
83.9%