exploitDog

CVE-2021-20199

Published: 01 Jan 2021
Source: redhat
CVSS3: 5.9
EPSS: Low

Description

Rootless containers run with Podman receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.0.1) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.

A flaw was found in podman. Rootless containers receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts), which impacts containerized applications that trust localhost (127.0.0.1) connections by default and do not require authentication. The highest threat from this vulnerability is to data integrity.

Report

This issue does not affect Podman prior to version 1.8.0. The Podman versions shipped in the following products are therefore not affected:

  • Red Hat Enterprise Linux 7 Extras
  • Red Hat Enterprise Linux 8 Container Tools stream 1.0
  • Red Hat Enterprise Linux 8 Container Tools stream 2.0
  • OpenShift Container Platform 3.11
  • OpenShift Container Platform 4.1 to 4.5

Mitigation

Configure containerized applications to require authentication for connections from all sources, including localhost.
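
The mitigation above, as an added example that is not part of the advisory or of Podman: an authorization check that exempts loopback peers, beside one that requires a token from every source. The function names, the token value and the sample requests are hypothetical and constructed for illustration.

```python
import hmac
import ipaddress

# Constructed secret for the demo; a real service loads this from a secret store.
API_TOKEN = "constructed-demo-token"


def is_loopback(peer_ip: str) -> bool:
    """True when the peer address reported by the socket is a loopback address."""
    try:
        return ipaddress.ip_address(peer_ip).is_loopback
    except ValueError:
        return False


def _token_ok(headers: dict) -> bool:
    """Constant-time comparison of the supplied bearer token with the expected one."""
    supplied = headers.get("Authorization", "")
    expected = f"Bearer {API_TOKEN}"
    return hmac.compare_digest(supplied.encode(), expected.encode())


def authorize_trusting_localhost(peer_ip: str, headers: dict) -> bool:
    """Pattern the advisory describes as impacted: loopback peers skip authentication."""
    if is_loopback(peer_ip):
        return True
    return _token_ok(headers)


def authorize_all_sources(peer_ip: str, headers: dict) -> bool:
    """Mitigation from the advisory: require authentication from every source."""
    return _token_ok(headers)


# Constructed requests as seen inside an affected rootless container: both report
# 127.0.0.1 as the peer address, although the second one came from a remote host.
REQUESTS = [
    ("local admin with token", "127.0.0.1", {"Authorization": f"Bearer {API_TOKEN}"}),
    ("remote client, no token", "127.0.0.1", {}),
]

if __name__ == "__main__":
    for label, peer, hdrs in REQUESTS:
        print(f"{label}: trusting_localhost={authorize_trusting_localhost(peer, hdrs)} "
              f"all_sources={authorize_all_sources(peer, hdrs)}")
```

Because the peer address is the same for both requests, only the check that ignores the source address tells them apart.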

Affected packages

| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | podman | Not affected | | |
| Red Hat Enterprise Linux 8 | container-tools:1.0/podman | Not affected | | |
| Red Hat Enterprise Linux 8 | container-tools:2.0/podman | Not affected | | |
| Red Hat OpenShift Container Platform 3.11 | podman | Not affected | | |
| Red Hat OpenShift Container Platform 4 | podman | Will not fix | | |
| Red Hat Enterprise Linux 8 | container-tools | Fixed | RHSA-2021:1796 | 18.05.2021 |
| Red Hat Enterprise Linux 9 | podman | Fixed | RHSA-2022:7954 | 15.11.2022 |

Additional information

Status: Moderate
Defect: CWE-346
https://bugzilla.redhat.com/show_bug.cgi?id=1919050 podman: Remote traffic to rootless containers is seen as originating from localhost

EPSS

Percentile: 62%
0.00445
Low

5.9 Medium

CVSS3

Related vulnerabilities

CVSS3: 5.9
ubuntu
more than 4 years ago

Rootless containers run with Podman receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.0.1) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.

CVSS3: 5.9
nvd
more than 4 years ago

Rootless containers run with Podman receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.0.1) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.

CVSS3: 5.9
msrc
more than 3 years ago

No description available

CVSS3: 5.9
debian
more than 4 years ago

Rootless containers run with Podman, receive all traffic with a source ...

CVSS3: 5.9
github
about 4 years ago

Podman Origin Validation Error
