CVE-2020-13597 - OpenCVE

Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node’s IPv6 interface due to the node accepting route advertisement by default, allowing the attacker to redirect full or partial network traffic from the node to the compromised pod.

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:H/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Projectcalico	Calico

Configuration 1 [-]

OR	cpe:2.3:a:projectcalico:calico:::::enterprise:::*
	cpe:2.3:a:projectcalico:calico::::::::
	cpe:2.3:a:projectcalico:calico:::::enterprise:::*
	cpe:2.3:a:projectcalico:calico:::::enterprise:::*
	cpe:2.3:a:projectcalico:calico::::::::
	cpe:2.3:a:projectcalico:calico::::::::
	cpe:2.3:a:projectcalico:calico::::::::
	cpe:2.3:a:projectcalico:calico::::::::
	cpe:2.3:a:projectcalico:calico::::::::
	cpe:2.3:a:projectcalico:calico:3.14.0:::::::*

References

Link	Resource
https://github.com/kubernetes/kubernetes/issues/91507	Issue Tracking Third Party Advisory
https://groups.google.com/forum/#%21topic/kubernetes-security-announce/BMb_6ICCfp8
https://www.projectcalico.org/security-bulletins/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Tigera

Published: 2020-06-01T00:00:00

Updated: 2020-06-03T16:44:38

Reserved: 2020-05-26T00:00:00

Link: CVE-2020-13597

JSON object: View

NVD Information

Status : Modified

Published: 2020-06-03T17:15:24.887

Modified: 2023-11-07T03:16:44.010

Link: CVE-2020-13597

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Calico", "vendor": "Tigera Inc", "versions": [{"status": "affected", "version": "3.14.0"}, {"lessThanOrEqual": "3.13.3", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "3.12.1", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "3.11.2", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "3.10.3", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "3.9.5", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "3.8.8", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"status": "affected", "version": "3.7.x"}, {"status": "affected", "version": "3.6.x"}, {"status": "affected", "version": "3.5.x"}, {"status": "affected", "version": "3.4.x"}, {"status": "affected", "version": "3.3.x"}, {"status": "affected", "version": "3.2.x"}, {"status": "affected", "version": "3.1.x"}, {"status": "affected", "version": "3.0.x"}, {"status": "affected", "version": "2.6.x"}, {"status": "affected", "version": "2.5.x"}, {"status": "affected", "version": "2.4.x"}, {"status": "affected", "version": "2.3.x"}, {"status": "affected", "version": "2.2.x"}, {"status": "affected", "version": "2.1.x"}, {"status": "affected", "version": "2.0.x"}, {"status": "affected", "version": "1.6.x"}, {"status": "affected", "version": "1.5.x"}]}, {"product": "Calico Enterprise", "vendor": "Tigera Inc", "versions": [{"lessThanOrEqual": "2.8.2", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "2.7.4", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "2.6.2", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"status": "affected", "version": "2.5.x"}, {"status": "affected", "version": "2.4.x"}, {"status": "affected", "version": "2.3.x"}, {"status": "affected", "version": "2.2.x"}, {"status": "affected", "version": "2.1.x"}, {"status": "affected", "version": "2.0.x"}]}], "datePublic": "2020-06-01T00:00:00", "descriptions": [{"lang": "en", "value": "Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node\u2019s IPv6 interface due to the node accepting route advertisement by default, allowing the attacker to redirect full or partial network traffic from the node to the compromised pod."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-201", "description": "CWE-201 Information Exposure Through Sent Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-06-03T16:44:38", "orgId": "e6d453f4-3dae-4941-bcea-9af25f4e824d", "shortName": "Tigera"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.projectcalico.org/security-bulletins/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/BMb_6ICCfp8"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/kubernetes/kubernetes/issues/91507"}], "source": {"advisory": "TTA-2020-001", "discovery": "EXTERNAL"}, "title": "Calico nodes IPv6 traffic redirection from route advertisment", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@tigera.io", "DATE_PUBLIC": "2020-06-01T16:27:00.000Z", "ID": "CVE-2020-13597", "STATE": "PUBLIC", "TITLE": "Calico nodes IPv6 traffic redirection from route advertisment"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Calico", "version": {"version_data": [{"version_affected": "=", "version_value": "3.14.0"}, {"version_affected": "<=", "version_value": "3.13.3"}, {"version_affected": "<=", "version_value": "3.12.1"}, {"version_affected": "<=", "version_value": "3.11.2"}, {"version_affected": "<=", "version_value": "3.10.3"}, {"version_affected": "<=", "version_value": "3.9.5"}, {"version_affected": "<=", "version_value": "3.8.8"}, {"version_affected": "=", "version_value": "3.7.x"}, {"version_affected": "=", "version_value": "3.6.x"}, {"version_affected": "=", "version_value": "3.5.x"}, {"version_affected": "=", "version_value": "3.4.x"}, {"version_affected": "=", "version_value": "3.3.x"}, {"version_affected": "=", "version_value": "3.2.x"}, {"version_affected": "=", "version_value": "3.1.x"}, {"version_affected": "=", "version_value": "3.0.x"}, {"version_affected": "=", "version_value": "2.6.x"}, {"version_affected": "=", "version_value": "2.5.x"}, {"version_affected": "=", "version_value": "2.4.x"}, {"version_affected": "=", "version_value": "2.3.x"}, {"version_affected": "=", "version_value": "2.2.x"}, {"version_affected": "=", "version_value": "2.1.x"}, {"version_affected": "=", "version_value": "2.0.x"}, {"version_affected": "=", "version_value": "1.6.x"}, {"version_affected": "=", "version_value": "1.5.x"}]}}]}, "vendor_name": "Tigera Inc"}, {"product": {"product_data": [{"product_name": "Calico Enterprise", "version": {"version_data": [{"version_affected": "<=", "version_value": "2.8.2"}, {"version_affected": "<=", "version_value": "2.7.4"}, {"version_affected": "<=", "version_value": "2.6.2"}, {"version_affected": "=", "version_value": "2.5.x"}, {"version_affected": "=", "version_value": "2.4.x"}, {"version_affected": "=", "version_value": "2.3.x"}, {"version_affected": "=", "version_value": "2.2.x"}, {"version_affected": "=", "version_value": "2.1.x"}, {"version_affected": "=", "version_value": "2.0.x"}]}}]}, "vendor_name": "Tigera Inc"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node\u2019s IPv6 interface due to the node accepting route advertisement by default, allowing the attacker to redirect full or partial network traffic from the node to the compromised pod."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-201 Information Exposure Through Sent Data"}]}]}, "references": {"reference_data": [{"name": "https://www.projectcalico.org/security-bulletins/", "refsource": "CONFIRM", "url": "https://www.projectcalico.org/security-bulletins/"}, {"name": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8", "refsource": "CONFIRM", "url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8"}, {"name": "https://github.com/kubernetes/kubernetes/issues/91507", "refsource": "CONFIRM", "url": "https://github.com/kubernetes/kubernetes/issues/91507"}]}, "source": {"advisory": "TTA-2020-001", "discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "e6d453f4-3dae-4941-bcea-9af25f4e824d", "assignerShortName": "Tigera", "cveId": "CVE-2020-13597", "datePublished": "2020-06-01T00:00:00", "dateReserved": "2020-05-26T00:00:00", "dateUpdated": "2020-06-03T16:44:38", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "95DB38FE-A03E-456B-874A-A58C31BE7592", "versionEndIncluding": "2.6.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:*", "matchCriteriaId": "CAFD1D82-33C2-4656-8E0F-ABF518E14C68", "versionEndIncluding": "3.8.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "C016A3C9-D2ED-4CD6-93E1-2FF4876381C6", "versionEndIncluding": "2.7.4", "versionStartIncluding": "2.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "0EB520BC-FACF-4C67-AFCD-73741DD633CD", "versionEndIncluding": "2.8.2", "versionStartIncluding": "2.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AEA624B-1358-4116-A19C-CF20513F0180", "versionEndIncluding": "3.9.5", "versionStartIncluding": "3.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:*", "matchCriteriaId": "BBDF7B5C-D289-48D0-A9E9-D468D182D0E9", "versionEndIncluding": "3.10.3", "versionStartIncluding": "3.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1373217-1065-4919-ADC9-055B556D3A41", "versionEndIncluding": "3.11.2", "versionStartIncluding": "3.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4934106-DDAC-4E1B-BC8A-791EE911608F", "versionEndIncluding": "3.12.1", "versionStartIncluding": "3.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBB409FF-5177-4C87-A45F-072CE3A4D7ED", "versionEndIncluding": "3.13.3", "versionStartIncluding": "3.13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:projectcalico:calico:3.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "A78D854F-7BCB-4AF1-940E-AF61B469C0E5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node\u2019s IPv6 interface due to the node accepting route advertisement by default, allowing the attacker to redirect full or partial network traffic from the node to the compromised pod."}, {"lang": "es", "value": "Los cl\u00fasteres usando Calico (versi\u00f3n 3.14.0 y por debajo), Calico Enterprise (versi\u00f3n 2.8.2 y por debajo), pueden ser vulnerables a una divulgaci\u00f3n de informaci\u00f3n si IPv6 est\u00e1 habilitado pero no se usa. Un pod comprometido con privilegios suficientes puede reconfigurar la interfaz IPv6 del nodo debido a que el nodo acepta el anuncio de ruta por defecto, permitiendo a un atacante redireccionar el tr\u00e1fico de red total o parcial del nodo al pod comprometido."}], "id": "CVE-2020-13597", "lastModified": "2023-11-07T03:16:44.010", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.7, "source": "psirt@tigera.io", "type": "Secondary"}]}, "published": "2020-06-03T17:15:24.887", "references": [{"source": "psirt@tigera.io", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/kubernetes/kubernetes/issues/91507"}, {"source": "psirt@tigera.io", "url": "https://groups.google.com/forum/#%21topic/kubernetes-security-announce/BMb_6ICCfp8"}, {"source": "psirt@tigera.io", "tags": ["Vendor Advisory"], "url": "https://www.projectcalico.org/security-bulletins/"}], "sourceIdentifier": "psirt@tigera.io", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-201"}], "source": "psirt@tigera.io", "type": "Secondary"}]}