MitM attack in CNI Plugins



Published: 2020-07-24
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2020-10749
CWE-ID CWE-345
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Subscribe 		CNI Plugins
Server applications / Other server solutions

Vendor CNI

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Insufficient verification of data authenticity

EUVDB-ID: #VU31794

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-10749

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform a man-in-the-Middle attack.

The vulnerability exists due to insufficient verification of data authenticity in CNI plugins when processing IPV6 router advertisements. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

CNI Plugins: 0.1.0 - 0.8.5

External links

http://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10749
http://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###