6 matches found
Cisco NX-OS Software Unexpected IP in IP Packet Processing (CVE-2020-10136)
Multiple products that implement the IP Encapsulation within IP standard RFC 2003, STD 1 decapsulate and route IP-in-IP traffic without any validation, which could allow an unauthenticated remote attacker to route arbitrary traffic via an exposed network interface and lead to spoofing, access...
Internet Bug Bounty: IP-in-IP protocol routes arbitrary traffic by default - CVE-2020-10136
Many machines 150K-180K on the internet accept and route IP over IP by default. IP-in-IP encapsulation is a tunneling protocol specified in RFC 2003 that allows for IP packets to be encapsulated inside another IP packets. This is very similar to IPSEC VPNs in tunnel mode, except in the case of...
CVE-2020-10136
creationtimestamp| type| source ---|---|--- 2020-06-03 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=482 2020-06-03 12:39:40+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/ip-ip-protokollan-toteutuksissa-haavoittuvuuksia 2020-06-03 14:30:02+00:00| seen|...
Severe Cisco DoS Flaw Can Cripple Nexus Switches
Cisco has patched a high-severity flaw in its NX-OS software, the network operating system used by Cisco’s Nexus-series Ethernet switches. If exploited, the vulnerability could allow an unauthenticated, remote attacker to bypass the input access control lists ACLs configured on affected Nexus...
CVE-2020-10136 IP-in-IP protocol allows a remote, unauthenticated attacker to route arbitrary network traffic
IP-in-IP protocol specifies IP Encapsulation within IP standard RFC 2003, STD 1 that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing...
CVE-2020-10136
CVE-2020-10136 concerns the IP Encapsulation within IP (IPIP) decapsulation path that decapsulates and routes IP-in-IP traffic without validation of the source network packets, enabling spoofing and potential access-control bypass and other unexpected behavior. The NVD entry assigns a MEDIUM seve...