VDB

GCVE-110-CLOUD-2020-0024

GCVE-110-CLOUD-2020-0024
Advisory Published
Vulnetix · Advisory published June 15, 2020
An attacker with access to a hostNetwork=true container with CAP_NET_RAW capability can listen to all the traffic going through the host and inject arbitrary traffic, allowing to tamper with most unencrypted traffic (HTTP, DNS, DHCP, ...), and disrupt encrypted traffic. In GKE the host queries the metadata service at http://169[.]254.169.254 to get information, including the authorized SSH keys. By manipulating the metadata service responses and injecting our own SSH key, it is possible to gain root privilege on the host.

Affected Products

VendorProductVersionsPlatforms
GCPGKE, EKS
AWSGKE, EKS
AWSEKS
AWSSES

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›