
CVE-2022-28224

Calico and Calico Enterprise may be vulnerable to route hijacking with the floating IP feature

Severity Score: 5.5 (CVSS v3.1)
Exploit Likelihood (EPSS): not shown
Affected Versions (CPE): not shown
Public Exploits: 0 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)
Descriptions

Clusters using Calico (version 3.22.1 and below) or Calico Enterprise (version 3.12.0 and below) may be vulnerable to route hijacking through the floating IP feature. Due to insufficient validation, a privileged attacker may be able to set a floating IP annotation on a pod even if the feature is not enabled. This may allow the attacker to intercept and reroute traffic to their compromised pod.

Credits: N/A
CVSS Scores

The page lists two CVSS v3.1 vectors (from different scoring sources) and one CVSS v2 vector:

Metric               CVSS v3.1 (1)   CVSS v3.1 (2)   CVSS v2
Attack Vector        Network         Network         Network
Attack Complexity    Low             Low             Low
Privileges Required  High            High            -
Authentication       -               -               Single
User Interaction     None            None            -
Scope                Unchanged       Unchanged       -
Confidentiality      None            Low             None
Integrity            Low             None            Partial
Availability         High            High            Partial

* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2022-03-30 CVE Reserved
  • 2022-06-06 CVE Published
  • 2023-12-28 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
  • CWE-201: Insertion of Sensitive Information Into Sent Data
References (1)
Affected Vendors, Products, and Versions

Vendor   Product            Version               Other   Status
Tigera   Calico Enterprise  < 3.11.4              -       Affected
Tigera   Calico Enterprise  3.12.0                -       Affected
Tigera   Calico Os          < 3.20.5              -       Affected
Tigera   Calico Os          >= 3.21.0 < 3.21.5    -       Affected
Tigera   Calico Os          >= 3.22.0 < 3.22.2    -       Affected