VDB
DEBIAN-CVE-2020-10749
DEBIAN-CVE-2020-10749
PUBLISHED
CVSS 6 MEDIUM
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
Risk Scores
CVSS 3.1
6
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | golang-github-containernetworking-plugins | 0, 0, 0 |
| Debian:12 | golang-github-containernetworking-plugins | 0, 0, 0 |
| Debian:11 | golang-github-containernetworking-plugins | 0, 0, 0 |
| Debian:14 | golang-github-containernetworking-plugins | 0, 0, 0 |
Exploit Intelligence
- CVE-2020-10749 PoC (Kubernetes MitM attacks via IPv6 rogue router advertisements) (github-poc)
- CVE.json (github-poc)
Timeline
- Jun 3, 2020 CVE Published
- Apr 28, 2026 CVE Updated