MCR: The Swarm VXLAN port may be exposed to attack due to ambiguous documentation

Release Date

2023-04-04

Overview

System administrators may have been misled by ambiguities in the Swarm Mode documentation, which enumerates a list of ports used by the feature without appropriate context and cautionary labeling.

Consult the upstream advisory for details and instructions.

Affected Products

Mirantis Container Runtime (MCR)

Vulnerability Information

Identifier

GHSA-vwm3-crmr-xfxw

CVSSv3.1

N/A

CWEs

N/A

Acknowledgements

Found by the MCR team, with assistance from the Moby community

Disclosure Timeline

2023-04-04: Security advisory disclosed
2023-03-09: Upstream partners alerted
2023-03-08: Security issue identified by MCR team

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

0006.md

0006.md

MCR: The Swarm VXLAN port may be exposed to attack due to ambiguous documentation

Release Date

Overview

Affected Products

Vulnerability Information

Identifier

CVSSv3.1

CWEs

Acknowledgements

Disclosure Timeline

Files

0006.md

Latest commit

History

0006.md

File metadata and controls

MCR: The Swarm VXLAN port may be exposed to attack due to ambiguous documentation

Release Date

Overview

Affected Products

Vulnerability Information

Identifier

CVSSv3.1

CWEs

Acknowledgements

Disclosure Timeline