CVE-2020-13597 - Vulnerability Details - OpenCVE

Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node’s IPv6 interface due to the node accepting route advertisement by default, allowing the attacker to redirect full or partial network traffic from the node to the compromised pod.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Projectcalico	Calico

Configuration 1 [-]

OR	cpe:2.3:a:projectcalico:calico:::::enterprise:::*
	cpe:2.3:a:projectcalico:calico::::::::
	cpe:2.3:a:projectcalico:calico:::::enterprise:::*
	cpe:2.3:a:projectcalico:calico:::::enterprise:::*
	cpe:2.3:a:projectcalico:calico::::::::
	cpe:2.3:a:projectcalico:calico::::::::
	cpe:2.3:a:projectcalico:calico::::::::
	cpe:2.3:a:projectcalico:calico::::::::
	cpe:2.3:a:projectcalico:calico::::::::
	cpe:2.3:a:projectcalico:calico:3.14.0:::::::*

No data.

References

Link	Providers
https://github.com/kubernetes/kubernetes/issues/91507
https://groups.google.com/forum/#%21topic/kubernetes-security-announce/BMb_6ICCfp8
https://www.projectcalico.org/security-bulletins/

History

No history.

MITRE

Status: PUBLISHED

Assigner: Tigera

Published: 2020-06-03T16:44:38.089338Z

Updated: 2024-09-16T19:24:54.549Z

Reserved: 2020-05-26T00:00:00

Link: CVE-2020-13597

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-06-03T17:15:24.887

Modified: 2024-11-21T05:01:35.117

Link: CVE-2020-13597

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Calico", "vendor": "Tigera Inc", "versions": [{"status": "affected", "version": "3.14.0"}, {"lessThanOrEqual": "3.13.3", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "3.12.1", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "3.11.2", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "3.10.3", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "3.9.5", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "3.8.8", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"status": "affected", "version": "3.7.x"}, {"status": "affected", "version": "3.6.x"}, {"status": "affected", "version": "3.5.x"}, {"status": "affected", "version": "3.4.x"}, {"status": "affected", "version": "3.3.x"}, {"status": "affected", "version": "3.2.x"}, {"status": "affected", "version": "3.1.x"}, {"status": "affected", "version": "3.0.x"}, {"status": "affected", "version": "2.6.x"}, {"status": "affected", "version": "2.5.x"}, {"status": "affected", "version": "2.4.x"}, {"status": "affected", "version": "2.3.x"}, {"status": "affected", "version": "2.2.x"}, {"status": "affected", "version": "2.1.x"}, {"status": "affected", "version": "2.0.x"}, {"status": "affected", "version": "1.6.x"}, {"status": "affected", "version": "1.5.x"}]}, {"product": "Calico Enterprise", "vendor": "Tigera Inc", "versions": [{"lessThanOrEqual": "2.8.2", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "2.7.4", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "2.6.2", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"status": "affected", "version": "2.5.x"}, {"status": "affected", "version": "2.4.x"}, {"status": "affected", "version": "2.3.x"}, {"status": "affected", "version": "2.2.x"}, {"status": "affected", "version": "2.1.x"}, {"status": "affected", "version": "2.0.x"}]}], "datePublic": "2020-06-01T00:00:00", "descriptions": [{"lang": "en", "value": "Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node\u2019s IPv6 interface due to the node accepting route advertisement by default, allowing the attacker to redirect full or partial network traffic from the node to the compromised pod."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-201", "description": "CWE-201 Information Exposure Through Sent Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-06-03T16:44:38", "orgId": "e6d453f4-3dae-4941-bcea-9af25f4e824d", "shortName": "Tigera"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.projectcalico.org/security-bulletins/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/BMb_6ICCfp8"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/kubernetes/kubernetes/issues/91507"}], "source": {"advisory": "TTA-2020-001", "discovery": "EXTERNAL"}, "title": "Calico nodes IPv6 traffic redirection from route advertisment", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@tigera.io", "DATE_PUBLIC": "2020-06-01T16:27:00.000Z", "ID": "CVE-2020-13597", "STATE": "PUBLIC", "TITLE": "Calico nodes IPv6 traffic redirection from route advertisment"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Calico", "version": {"version_data": [{"version_affected": "=", "version_value": "3.14.0"}, {"version_affected": "<=", "version_value": "3.13.3"}, {"version_affected": "<=", "version_value": "3.12.1"}, {"version_affected": "<=", "version_value": "3.11.2"}, {"version_affected": "<=", "version_value": "3.10.3"}, {"version_affected": "<=", "version_value": "3.9.5"}, {"version_affected": "<=", "version_value": "3.8.8"}, {"version_affected": "=", "version_value": "3.7.x"}, {"version_affected": "=", "version_value": "3.6.x"}, {"version_affected": "=", "version_value": "3.5.x"}, {"version_affected": "=", "version_value": "3.4.x"}, {"version_affected": "=", "version_value": "3.3.x"}, {"version_affected": "=", "version_value": "3.2.x"}, {"version_affected": "=", "version_value": "3.1.x"}, {"version_affected": "=", "version_value": "3.0.x"}, {"version_affected": "=", "version_value": "2.6.x"}, {"version_affected": "=", "version_value": "2.5.x"}, {"version_affected": "=", "version_value": "2.4.x"}, {"version_affected": "=", "version_value": "2.3.x"}, {"version_affected": "=", "version_value": "2.2.x"}, {"version_affected": "=", "version_value": "2.1.x"}, {"version_affected": "=", "version_value": "2.0.x"}, {"version_affected": "=", "version_value": "1.6.x"}, {"version_affected": "=", "version_value": "1.5.x"}]}}]}, "vendor_name": "Tigera Inc"}, {"product": {"product_data": [{"product_name": "Calico Enterprise", "version": {"version_data": [{"version_affected": "<=", "version_value": "2.8.2"}, {"version_affected": "<=", "version_value": "2.7.4"}, {"version_affected": "<=", "version_value": "2.6.2"}, {"version_affected": "=", "version_value": "2.5.x"}, {"version_affected": "=", "version_value": "2.4.x"}, {"version_affected": "=", "version_value": "2.3.x"}, {"version_affected": "=", "version_value": "2.2.x"}, {"version_affected": "=", "version_value": "2.1.x"}, {"version_affected": "=", "version_value": "2.0.x"}]}}]}, "vendor_name": "Tigera Inc"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node\u2019s IPv6 interface due to the node accepting route advertisement by default, allowing the attacker to redirect full or partial network traffic from the node to the compromised pod."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-201 Information Exposure Through Sent Data"}]}]}, "references": {"reference_data": [{"name": "https://www.projectcalico.org/security-bulletins/", "refsource": "CONFIRM", "url": "https://www.projectcalico.org/security-bulletins/"}, {"name": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8", "refsource": "CONFIRM", "url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8"}, {"name": "https://github.com/kubernetes/kubernetes/issues/91507", "refsource": "CONFIRM", "url": "https://github.com/kubernetes/kubernetes/issues/91507"}]}, "source": {"advisory": "TTA-2020-001", "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:25:16.199Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.projectcalico.org/security-bulletins/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/BMb_6ICCfp8"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/kubernetes/kubernetes/issues/91507"}]}]}, "cveMetadata": {"assignerOrgId": "e6d453f4-3dae-4941-bcea-9af25f4e824d", "assignerShortName": "Tigera", "cveId": "CVE-2020-13597", "datePublished": "2020-06-03T16:44:38.089338Z", "dateReserved": "2020-05-26T00:00:00", "dateUpdated": "2024-09-16T19:24:54.549Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "95DB38FE-A03E-456B-874A-A58C31BE7592", "versionEndIncluding": "2.6.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:*", "matchCriteriaId": "CAFD1D82-33C2-4656-8E0F-ABF518E14C68", "versionEndIncluding": "3.8.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "C016A3C9-D2ED-4CD6-93E1-2FF4876381C6", "versionEndIncluding": "2.7.4", "versionStartIncluding": "2.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "0EB520BC-FACF-4C67-AFCD-73741DD633CD", "versionEndIncluding": "2.8.2", "versionStartIncluding": "2.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AEA624B-1358-4116-A19C-CF20513F0180", "versionEndIncluding": "3.9.5", "versionStartIncluding": "3.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:*", "matchCriteriaId": "BBDF7B5C-D289-48D0-A9E9-D468D182D0E9", "versionEndIncluding": "3.10.3", "versionStartIncluding": "3.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1373217-1065-4919-ADC9-055B556D3A41", "versionEndIncluding": "3.11.2", "versionStartIncluding": "3.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4934106-DDAC-4E1B-BC8A-791EE911608F", "versionEndIncluding": "3.12.1", "versionStartIncluding": "3.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBB409FF-5177-4C87-A45F-072CE3A4D7ED", "versionEndIncluding": "3.13.3", "versionStartIncluding": "3.13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:3.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "A78D854F-7BCB-4AF1-940E-AF61B469C0E5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node\u2019s IPv6 interface due to the node accepting route advertisement by default, allowing the attacker to redirect full or partial network traffic from the node to the compromised pod."}, {"lang": "es", "value": "Los cl\u00fasteres usando Calico (versi\u00f3n 3.14.0 y por debajo), Calico Enterprise (versi\u00f3n 2.8.2 y por debajo), pueden ser vulnerables a una divulgaci\u00f3n de informaci\u00f3n si IPv6 est\u00e1 habilitado pero no se usa. Un pod comprometido con privilegios suficientes puede reconfigurar la interfaz IPv6 del nodo debido a que el nodo acepta el anuncio de ruta por defecto, permitiendo a un atacante redireccionar el tr\u00e1fico de red total o parcial del nodo al pod comprometido."}], "id": "CVE-2020-13597", "lastModified": "2024-11-21T05:01:35.117", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.7, "source": "psirt@tigera.io", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-03T17:15:24.887", "references": [{"source": "psirt@tigera.io", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/kubernetes/kubernetes/issues/91507"}, {"source": "psirt@tigera.io", "url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/BMb_6ICCfp8"}, {"source": "psirt@tigera.io", "tags": ["Vendor Advisory"], "url": "https://www.projectcalico.org/security-bulletins/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/kubernetes/kubernetes/issues/91507"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/BMb_6ICCfp8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.projectcalico.org/security-bulletins/"}], "sourceIdentifier": "psirt@tigera.io", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-201"}], "source": "psirt@tigera.io", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}