
CVE-2020-13401

Published: 02/06/2020 Updated: 07/11/2023
CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8
CVSS v3 Base Score: 6 | Impact Score: 3.7 | Exploitability Score: 1.8
VMScore: 535
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Vulnerability Summary

An issue exists in Docker Engine prior to 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service.

Vulnerable Product

docker engine

fedoraproject fedora 31

fedoraproject fedora 32

debian debian linux 10.0

broadcom sannav -

Vendor Advisories

Debian Bug report logs - #962141 docker.io: CVE-2020-13401. Package: src:docker.io; Maintainer for src:docker.io is Arnaud Rebillout <arnaud.rebillout@collabora.com>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Wed, 3 Jun 2020 19:03:01 UTC; Severity: important; Tags: security, upstream; Found in version ...
Etienne Champetier discovered that Docker, a Linux container runtime, created network bridges which by default accept IPv6 router advertisements. This could allow an attacker with the CAP_NET_RAW capability in a container to spoof router advertisements, resulting in information disclosure or denial of service. For the stable distribution (buster), ...
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service (CVE-2020-13401) ...
A flaw was found in Docker when it creates network bridges that accept IPv6 router advertisements by default. This flaw allows an attacker who can execute code in a container to possibly spoof rogue IPv6 router advertisements to perform a man-in-the-middle (MitM) attack against the host network or another container (CVE-2020-13401). A flaw was foun ...

Github Repositories

Study on CVE-2020-13401 vulnerability of containers in dockers older than 19.03.11

CVE-2020-13401 Study. Study on CVE-2020-13401 vulnerability of containers in dockers older than 19.03.11. Containers that are created with Docker Engine versions before 19.03.11 are vulnerable to receive and apply fake RA (Router Advertisement) messages from other containers in the network. Receiving RAs is a normal behavior of operating system, but if the RA sender is not truste
