First published: Fri May 08 2020
Docker creates network bridges that accept IPv6 router advertisements by default. An attacker able to execute code in a container could exploit this to spoof rogue IPv6 router advertisements to perform a MitM attack against the host network.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/docker | <19.03.11 | 19.03.11 |
debian/docker.io | 18.09.1+dfsg1-7.1+deb10u3 20.10.5+dfsg1-1+deb11u2 20.10.24+dfsg1-1 20.10.25+dfsg1-1 20.10.25+dfsg1-2 | |
Docker Engine | <19.03.11 | |
Fedoraproject Fedora | =31 | |
Fedoraproject Fedora | =32 | |
Debian Debian Linux | =10.0 | |
Broadcom Sannav | | |
IBM Security Guardium | <=10.5 | |
IBM Security Guardium | <=10.6 | |
IBM Security Guardium | <=11.0 | |
IBM Security Guardium | <=11.1 | |
IBM Security Guardium | <=11.2 | |
IBM Security Guardium | <=11.3 | |
The vulnerability ID of this issue is CVE-2020-13401.
CVE-2020-13401 has a severity level of high.
IBM Security Guardium versions up to 11.3 and Docker Engine versions up to 19.03.11 are affected by CVE-2020-13401.
CVE-2020-13401 allows an attacker to perform man-in-the-middle attacks and gain access to the communication channel between endpoints.
To fix CVE-2020-13401, update Docker Engine to version 19.03.11.
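To check whether a host's Docker bridges still accept IPv6 router advertisements, the condition described above, the following added example (not code from this page or from Docker) reads the kernel's per-interface `accept_ra` and `forwarding` settings. The function name `audit_accept_ra` is hypothetical, and the bridge names `docker0` and `br-*` are assumed to be the ones Docker created on the host.

```shell
#!/bin/sh
# Added example (not Docker's code). Flags Docker bridge interfaces on the
# host that will still act on IPv6 router advertisements (RAs).
# Assumption: Docker bridges use the names docker0 and br-<network id>.
#
# Kernel semantics of net.ipv6.conf.<iface>.accept_ra:
#   0 = never accept RAs
#   1 = accept RAs only while IPv6 forwarding is disabled on the interface
#   2 = accept RAs even when forwarding is enabled

# audit_accept_ra [CONF_DIR]
# CONF_DIR defaults to the live sysctl tree; pass another directory to test.
# Prints one line per exposed bridge; returns 1 if any was found, else 0.
audit_accept_ra() {
    conf_dir="${1:-/proc/sys/net/ipv6/conf}"
    exposed=0
    for dir in "$conf_dir"/docker0 "$conf_dir"/br-*; do
        # Skip unmatched globs and interfaces without IPv6 sysctls.
        [ -r "$dir/accept_ra" ] || continue
        ra=$(cat "$dir/accept_ra")
        # If forwarding cannot be read, assume 0 so the bridge is flagged.
        fwd=$(cat "$dir/forwarding" 2>/dev/null || echo 0)
        accepts=0
        if [ "$ra" = "2" ]; then
            accepts=1
        elif [ "$ra" = "1" ] && [ "$fwd" = "0" ]; then
            accepts=1
        fi
        if [ "$accepts" = "1" ]; then
            echo "${dir##*/} accept_ra=$ra forwarding=$fwd"
            exposed=1
        fi
    done
    return "$exposed"
}
```

For any interface it prints, `sysctl -w net.ipv6.conf.<iface>.accept_ra=0` turns off RA processing on that bridge until the engine is updated.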