Main Vulnerability Database Exploits ID:5265 - Exploit for Spoofing attack in Docker - CVE-2020-13401

ID:5265 - Exploit for Spoofing attack in Docker - CVE-2020-13401

Published: April 1, 2021

Vulnerability identifier: #VU28556

Vulnerability risk: Medium

CVE-ID: CVE-2020-13401

CWE-ID: CWE-451

Exploitation vector: Adjecent network

Vulnerable software:
Docker

Link to public exploit:

https://github.com/mmzaeimi/CVE-2020-13401

Vulnerability description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of IPv6 router advertisements. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service.

Remediation

Install updates from vendor's website.

ID:5265 - Exploit for Spoofing attack in Docker - CVE-2020-13401

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human