Описание
IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136.
Ссылки
- Technical Description
- Technical Description
- Technical Description
Уязвимые конфигурации
EPSS
5.4 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136.
IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136.
Уязвимость протоколов туннелирования пакетов IPv4-in-IPv6 и IPv6-in-IPv4, связанная с недостаточной проверкой источника канала связи, позволяющая нарушителю реализовать атаки типа «подмена доверенного объекта»
EPSS
5.4 Medium
CVSS3
6.5 Medium
CVSS3