Oval Definition:oval:org.opensuse.security:def:202013597
Revision Date:2022-05-22Version:1
Title:CVE-2020-13597
Description:
Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node’s IPv6 interface due to the node accepting route advertisement by default, allowing the attacker to redirect full or partial network traffic from the node to the compromised pod.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2020-13597
SUSE CVE-2020-13597
Platform(s):SUSE CaaS Platform 4.0
SUSE Linux Enterprise High Performance Computing 12
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 is installed
  • OR SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • OR SUSE Linux Enterprise Server 12 is installed
  • OR SUSE Linux Enterprise Server 12 SP3 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND kubernetes-client is not affected
    • Definition Synopsis
  • SUSE CaaS Platform 4.0 is installed
  • AND Package Information
  • kubernetes-client is affected
  • OR kubernetes-common is affected
  • OR kubernetes-kubeadm is affected
  • OR kubernetes-kubelet is affected
    • BACK