Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2020-10136

UNKNOWN
Published 2020-06-02T08:35:12.921954Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2020-10136. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

IETF

RFC2003 - IP Encapsulation within IP

Affected Versions:

STD 1

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-8gxc-83hw-9578

Advisory Details

Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1) decapsulate and route IP-in-IP traffic without any validation, which could allow an unauthenticated remote attacker to route arbitrary traffic via an exposed network interface and lead to spoofing, access control bypass, and other unexpected network behaviors.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2020-10136
WEB https://datatracker.ietf.org/doc/html/rfc6169
WEB https://kb.cert.org/vuls/id/636397
WEB https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4
WEB https://www.digi.com/resources/security
WEB https://www.kb.cert.org/vuls/id/636397

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: June 18, 2024

References

https://kb.cert.org/vuls/id/636397/
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4
https://www.digi.com/resources/security
https://www.kb.cert.org/vuls/id/636397
https://datatracker.ietf.org/doc/html/rfc6169
Published: 2020-06-02T08:35:12.921954Z
Last Modified: 2024-09-17T00:56:11.850Z
Copied to clipboard!