Home > Vulnerability Database > CVE-2020-27836

Mend Vulnerability Database

CVE-2020-27836

Good to know:

Date: October 27, 2020

A flaw was found in cluster-ingress-operator. A change to how the router-default service allows only certain IP source ranges could allow an attacker to access resources that would otherwise be restricted to specified IP ranges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Language: Go

Severity Score

8.1

Related Resources (4)

Url: https://bugzilla.redhat.com/show_bug.cgi?id=1906267

Url: https://nvd.nist.gov/vuln/detail/CVE-2020-27836

Url: https://github.com/openshift/cluster-ingress-operator/commit/3276bbc811dcd771291cc2de8107ebd89fa5b66d

Url: https://www.mend.io/vulnerability-database/CVE-2020-27836

Severity Score

8.1

Top Fix

Upgrade Version

No fix version available

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend Vulnerability Database

We found results for “”

CVE-2020-27836

Good to know:

Date: October 27, 2020

Language: Go

Severity Score

Related Resources (4)

Severity Score

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?