CVE-2021-20199

podman: Remote traffic to rootless containers is seen as orginating from localhost

Severity Score

5.9

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.

Los contenedores Rootless se ejecutan con Podman, reciben todo el tráfico con una dirección IP de origen 127.0.0.1 (incluyendo desde hosts remotos). Esto afecta a las aplicaciones en contenedores que confían en las conexiones localhost (127.0.01) por defecto y no requieren autenticación. Este problema afecta a Podman versión 1.8.0 en adelante

A flaw was found in podman. Rootless containers receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts) which impact containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. The highest threat from this vulnerability is to data integrity.

*Credits: N/A

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-12-17 CVE Reserved
2021-02-02 CVE Published
2023-10-19 EPSS Updated
2024-08-03 CVE Updated
2024-08-03 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-346: Origin Validation Error

CAPEC

References (5)

URL	Tag	Source

URL	Date	SRC
https://github.com/containers/podman/issues/5138	2024-08-03

URL	Date	SRC
https://github.com/containers/podman/pull/9052	2021-02-26
https://github.com/rootless-containers/rootlesskit/pull/206	2021-02-26

URL	Date	SRC
https://bugzilla.redhat.com/show_bug.cgi?id=1919050	2021-02-26
https://access.redhat.com/security/cve/CVE-2021-20199	2022-11-15

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Podman Project Search vendor "Podman Project"		Podman Search vendor "Podman Project" for product "Podman"				>= 1.8.0 < 3.0.0 Search vendor "Podman Project" for product "Podman" and version " >= 1.8.0 < 3.0.0"		-		Affected