CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-27594 – Cilium vulnerable to potential network policy bypass when routing IPv6 traffic
https://notcve.org/view.php?id=CVE-2023-27594
17 Mar 2023 — Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which Cilium is running. As a consequence, network policies for that cluster might be bypassed, depending on the specific network policies enabled. This issue only manifests when Cilium is routing IPv6 traffic and NodePo... • https://github.com/cilium/cilium/releases/tag/v1.11.15 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-27593 – cilium-agent container can access the host via `hostPath` mount
https://notcve.org/view.php?id=CVE-2023-27593
17 Mar 2023 — Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to `/opt/cni/bin` due to a `hostPath` mount of that directory in the agent pod. By replacing the CNI binary with their own malicious binary and waiting for the creation of a new pod on the node, the attacker can gain access to the underlying node. The issue has been fixed and the fix is available on versions 1.11.15,... • https://github.com/cilium/cilium/pull/24075 • CWE-276: Incorrect Default Permissions •
CVSS: 8.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29179 – Improper Privilege Management in Cilium
https://notcve.org/view.php?id=CVE-2022-29179
20 May 2022 — Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Prior to versions 1.9.16, 1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed, the attacker can escalate privileges to cluster admin by using Cilium's Kubernetes service account. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. There are no known w... • https://github.com/cilium/cilium/releases/tag/v1.10.11 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29178 – Incorrect Default Permissions in Cilium
https://notcve.org/view.php?id=CVE-2022-29178
20 May 2022 — Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 1000 can access the API of Cilium via Unix domain socket available on the host where Cilium is running. This could allow malicious users to compromise integrity as well as system availability on that host. The problem ... • https://github.com/cilium/cilium/releases/tag/v1.10.11 • CWE-276: Incorrect Default Permissions •