IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:NIetf Ipv6
APPIetfwszystkie wersje
Related vulnerabilities
An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big (PTB) messages. (Th...
The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (...
IPv6-in-IPv4 tunneling (RFC 4213) allows an attacker to spoof and route traffic via an exposed network interfa...
The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attac...
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can ...