CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-30851 – Potential HTTP policy bypass when using header rules in Cilium
https://notcve.org/view.php?id=CVE-2023-30851
25 May 2023 — Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple `toEndpoints` AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be appended to the set of HTTP rules, which could cause bypass of HTTP policies. This issue has been patched in Cilium 1.11.16, 1.12.9, and 1.13.2. • https://github.com/cilium/cilium/releases/tag/v1.11.16 • CWE-693: Protection Mechanism Failure •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-29002 – Debug mode leaks confidential data in Cilium
https://notcve.org/view.php?id=CVE-2023-29002
18 Apr 2023 — Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the `cilium-secrets` namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug output from the Cilium containers could use the resulting output to intercept and modify traffic to and from the affected cluster. Output of the sensitive information would occur at Cilium agent restart, when secr... • https://github.com/cilium/cilium/security/advisories/GHSA-pg5p-wwp8-97g8 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27595 – Cilium eBPF filters may be temporarily removed during agent restart
https://notcve.org/view.php?id=CVE-2023-27595
17 Mar 2023 — Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In version 1.13.0, when Cilium is started, there is a short period when Cilium eBPF programs are not attached to the host. During this period, the host does not implement any of Cilium's featureset. This can cause disruption to newly established connections during this period due to the lack of Load Balancing, or can cause Network Policy bypass due to the lack of Network Policy enforcement during the window. This vuln... • https://github.com/cilium/cilium/pull/24336 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-27594 – Cilium vulnerable to potential network policy bypass when routing IPv6 traffic
https://notcve.org/view.php?id=CVE-2023-27594
17 Mar 2023 — Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which Cilium is running. As a consequence, network policies for that cluster might be bypassed, depending on the specific network policies enabled. This issue only manifests when Cilium is routing IPv6 traffic and NodePo... • https://github.com/cilium/cilium/releases/tag/v1.11.15 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-27593 – cilium-agent container can access the host via `hostPath` mount
https://notcve.org/view.php?id=CVE-2023-27593
17 Mar 2023 — Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to `/opt/cni/bin` due to a `hostPath` mount of that directory in the agent pod. By replacing the CNI binary with their own malicious binary and waiting for the creation of a new pod on the node, the attacker can gain access to the underlying node. The issue has been fixed and the fix is available on versions 1.11.15,... • https://github.com/cilium/cilium/pull/24075 • CWE-276: Incorrect Default Permissions •