# File 'lib/dockscan/modules/audit/docker-networking-forwarding.rb', line 7
# Audit check: reports a Docker daemon whose info says IPv4 forwarding is on.
#
# Looks up the "GetDockerInfo" entry in +scandata+ and inspects the
# "IPv4Forwarding" field of its +obj+. +scandata+ is not defined in this
# method; presumably it is provided by the enclosing module class -- confirm.
#
# NOTE(review): the verdict rests only on the daemon-reported flag. Host
# firewall FORWARD rules are not consulted here, so a host that filters
# forwarded traffic is reported the same as one that does not; triage the
# finding together with the host's packet-filter policy.
# NOTE(review): remediation presumably involves the daemon's --ip-forward
# option and/or the host's net.ipv4.ip_forward sysctl -- confirm which of
# them the reported field reflects before acting on the finding.
#
# @param dockercheck [Object] not read by this method
# @return [Dockscan::Scan::Plugin] result carrying the issue; +state+ is
#   "run" when the field was present and not true, "vulnerable" when it is
#   exactly +true+, and left as constructed when the data is missing
def check(dockercheck)
  result = Dockscan::Scan::Plugin.new

  finding = Dockscan::Scan::Issue.new
  finding.title = "Docker running with IPv4 forwarding enabled"
  finding.description = "Docker daemon reports it is running daemon with IPv4 forwarding enabled.\nThis is not recommended for production as it forwards network packets without rules."
  finding.solution = "It is recommended to disable IPv4 forwarding by default."
  finding.severity = 5
  finding.risk = { "cvss" => 5.0 }
  finding.reflinks = {
    "ip_forward to expose containers to the public internet" => "https://github.com/docker/docker/issues/11508"
  }
  result.vuln = finding

  # No daemon info collected: return the plugin without marking it as run.
  return result unless scandata.key?("GetDockerInfo")

  docker_info = scandata["GetDockerInfo"].obj
  # Field absent from the daemon info: likewise not marked as run.
  return result unless docker_info.key?("IPv4Forwarding")

  result.state = "run"
  # Strict comparison kept on purpose: only a literal boolean true is flagged,
  # any other value (false, nil, a string) leaves the state at "run".
  if docker_info["IPv4Forwarding"] == true
    result.output = "Docker daemon reports it is running with automatic IPv4 forwarding."
    result.state = "vulnerable"
  end

  result
end