Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-10476

Malware in sbrugna...

7.5CVSS7.6AI score0.01371EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 5:23 p.m.2 views

CVE-2020-11091

In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host via ipv6.disable=1 ...

9.3CVSS6.5AI score0.14555EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2021/05/27 7:0 p.m.70 views

Weave Net clusters susceptible to MitM attacks via IPv6 rogue router advertisements

Impact An attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host via ipv6.disable=1 on the kernel cmdline, it wi...

5.8CVSS0.7AI score0.0086EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/05/27 7:0 p.m.18 views

GHSA-59QG-GRP7-5R73 Weave Net clusters susceptible to MitM attacks via IPv6 rogue router advertisements

Impact An attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host via ipv6.disable=1 on the kernel cmdline, it wi...

5.8CVSS5.9AI score0.0086EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/11/04 1:34 a.m.5 views

containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters

A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending “rogue” IPv6 router advertisements to the host or other containers, t...

6CVSS7.1AI score0.02428EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2020/07/01 4:6 p.m.2 views

containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters

A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending “rogue” IPv6 router advertisements to the host or other containers, t...

6CVSS7.1AI score0.02428EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2020/06/23 2:27 p.m.3 views

containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters

A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending “rogue” IPv6 router advertisements to the host or other containers, t...

6CVSS7.1AI score0.02428EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2020/06/17 8:52 p.m.4 views

containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters

A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending “rogue” IPv6 router advertisements to the host or other containers, t...

6CVSS7.1AI score0.02428EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2020/06/17 7:46 p.m.8 views

containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters

A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending “rogue” IPv6 router advertisements to the host or other containers, t...

6CVSS7.1AI score0.02428EPSS
Exploits1References5
Oracle linux
Oracle linux
added 2020/06/12 12:0 a.m.53 views

kubernetes kubeadm-ha-setup kubernetes-cni kubernetes-cni-plugins security update

kubernetes 1.12.10-1.0.12 - CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements - CVE-2020-8555: Half-Blind SSRF in kube-controller-manager kubeadm-ha-setup 0.0.2-1.0.70 - Enhance image tag read to depend on kubeadm-registry.sh for CVE release...

6.3CVSS3.2AI score0.03679EPSS
Exploits1
Veracode
Veracode
added 2020/06/05 6:37 a.m.21 views

Man-in-the-Middle (MtiM)

github.com/weaveworks/weave is vulnerable to Man-in-the-Middle MtiM. IPv4 only clusters allows for MitM attacks via IPv6 rogue router advertisements if an attacker is able to run a process as root in a container and is able to respond to DNS requests from the host...

5.8CVSS5.8AI score0.0086EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/06/03 10:55 p.m.25 views

CVE-2020-11091 Weave Net clusters susceptible to MitM attacks via IPv6 rogue router advertisements

In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host via ipv6.disable=1 ...

5.8CVSS6.6AI score0.0086EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/06/03 12:0 a.m.3 views

PT-2020-12547 · Weave · Weave Net

Name of the Vulnerable Software and Affected Versions: Weave Net versions prior to 2.6.3 Description: An attacker able to run a process as root in a container can respond to DNS requests from the host and insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is...

5.8CVSS6.8AI score0.0086EPSS
Exploits0References7
Kubernetes Security Advisories
Kubernetes Security Advisories
added 2020/05/27 7:32 p.m.4 views

IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements

CVSS Rating: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L 6.0 Medium A cluster configured to use an affected container networking implementation is susceptible to man-in-the-middle MitM attacks. By sending “rogue” router advertisements, a malicious container can reconfigure the host to redirect...

6CVSS6.7AI score0.02428EPSS
Exploits1Affected Software1
NVD
NVD
added 2017/07/31 9:29 p.m.16 views

CVE-2017-1460

IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router spoofs its origin. Routing tables are affected by a missing LSA, which may lead to loss of connectivity. IBM X-Force ID: 128379...

7.5CVSS7.3AI score0.01371EPSS
Exploits0References2
OSV
OSV
added 2017/07/31 9:29 p.m.4 views

CVE-2017-1460

IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router spoofs its origin. Routing tables are affected by a missing LSA, which may lead to loss of connectivity. IBM X-Force ID: 128379...

7.5CVSS5.8AI score0.01371EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/07/31 9:0 p.m.20 views

CVE-2017-1460

IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router spoofs its origin. Routing tables are affected by a missing LSA, which may lead to loss of connectivity. IBM X-Force ID: 128379...

7.3AI score0.01371EPSS
Exploits0References2
Rows per page
Query Builder