CVE-2023-27594 – Cilium vulnerable to potential network policy bypass when routing IPv6 traffic
https://notcve.org/view.php?id=CVE-2023-27594
17 Mar 2023 — Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which Cilium is running. As a consequence, network policies for that cluster might be bypassed, depending on the specific network policies enabled. This issue only manifests when Cilium is routing IPv6 traffic and NodePo... • https://github.com/cilium/cilium/releases/tag/v1.11.15 • CWE-285: Improper Authorization • CWE-863: Incorrect Authorization
CVE-2023-27593 – cilium-agent container can access the host via `hostPath` mount
https://notcve.org/view.php?id=CVE-2023-27593
17 Mar 2023 — Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to `/opt/cni/bin` due to a `hostPath` mount of that directory in the agent pod. By replacing the CNI binary with their own malicious binary and waiting for the creation of a new pod on the node, the attacker can gain access to the underlying node. The issue has been fixed and the fix is available on versions 1.11.15,... • https://github.com/cilium/cilium/pull/24075 • CWE-276: Incorrect Default Permissions