U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2020-13597

Change History

Initial Analysis by NIST 6/08/2020 2:02:53 PM

Action Type Old Value New Value
Added CPE Configuration

     *cpe:2.3:a:projectcalico:calico:*:*:*:*:enterprise:*:*:* versions up to (including) 2.6.2
     *cpe:2.3:a:projectcalico:calico:*:*:*:*:enterprise:*:*:* versions from (including) 2.7.0 up to (including) 2.7.4
     *cpe:2.3:a:projectcalico:calico:*:*:*:*:enterprise:*:*:* versions from (including) 2.8.0 up to (including) 2.8.2
     *cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:* versions up to (including) 3.8.8
     *cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:* versions from (including) 3.9.0 up to (including) 3.9.5
     *cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:* versions from (including) 3.10.0 up to (including) 3.10.3
     *cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:* versions from (including) 3.11.0 up to (including) 3.11.2
     *cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:* versions from (including) 3.12.0 up to (including) 3.12.1
     *cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:* versions from (including) 3.13.0 up to (including) 3.13.3
Added CVSS V2

Added CVSS V3.1

Added CWE

Changed Reference Type
https://github.com/kubernetes/kubernetes/issues/91507 No Types Assigned
https://github.com/kubernetes/kubernetes/issues/91507 Issue Tracking, Third Party Advisory
Changed Reference Type
https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8 No Types Assigned
https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8 Third Party Advisory
Changed Reference Type
https://www.projectcalico.org/security-bulletins/ No Types Assigned
https://www.projectcalico.org/security-bulletins/ Vendor Advisory