CVE-2021-20199
podman: Remote traffic to rootless containers is seen as originating from localhost
Public Exploits: 1
Exploited in Wild: -
Descriptions
Rootless containers run with Podman receive all traffic with a source IP address of 127.0.0.1 (including traffic from remote hosts). This impacts containerized applications that trust localhost (127.0.0.1) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.
A flaw was found in podman. Rootless containers receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts), which impacts containerized applications that trust localhost (127.0.0.1) connections by default and do not require authentication. The highest threat from this vulnerability is to data integrity.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2020-12-17 CVE Reserved
- 2021-02-02 CVE Published
- 2023-10-19 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-346: Origin Validation Error
CAPEC
References (5)
URL | Date | SRC |
---|---|---|
https://github.com/containers/podman/issues/5138 | 2024-08-03 | |
https://github.com/containers/podman/pull/9052 | 2021-02-26 | |
https://github.com/rootless-containers/rootlesskit/pull/206 | 2021-02-26 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1919050 | 2021-02-26 | |
https://access.redhat.com/security/cve/CVE-2021-20199 | 2022-11-15 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Podman Project | Podman | >= 1.8.0 < 3.0.0 | - | Affected |