摘要:
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
安全等级: Low
公告ID: KylinSec-SA-2024-3414
发布日期: 2024年8月23日
关联CVE: CVE-2020-10749
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2020-10749 | KY3.4-5A | containernetworking-plugins | Unaffected |
| CVE-2020-10749 | KY3.5.2 | containernetworking-plugins | Unaffected |
| CVE-2020-10749 | V6 | containernetworking-plugins | Unaffected |
