10 matches found
CVE-2020-11091
In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host via ipv6.disable=1 ...
containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters
A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending “rogue” IPv6 router advertisements to the host or other containers, t...
containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters
A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending “rogue” IPv6 router advertisements to the host or other containers, t...
containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters
A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending “rogue” IPv6 router advertisements to the host or other containers, t...
containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters
A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending “rogue” IPv6 router advertisements to the host or other containers, t...
containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters
A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending “rogue” IPv6 router advertisements to the host or other containers, t...
Man-in-the-Middle (MtiM)
github.com/weaveworks/weave is vulnerable to Man-in-the-Middle MtiM. IPv4 only clusters allows for MitM attacks via IPv6 rogue router advertisements if an attacker is able to run a process as root in a container and is able to respond to DNS requests from the host...
CVE-2020-11091 Weave Net clusters susceptible to MitM attacks via IPv6 rogue router advertisements
In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host via ipv6.disable=1 ...
PT-2020-12547 · Weave · Weave Net
Name of the Vulnerable Software and Affected Versions: Weave Net versions prior to 2.6.3 Description: An attacker able to run a process as root in a container can respond to DNS requests from the host and insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is...
IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements
CVSS Rating: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L 6.0 Medium A cluster configured to use an affected container networking implementation is susceptible to man-in-the-middle MitM attacks. By sending “rogue” router advertisements, a malicious container can reconfigure the host to redirect...