CVE-2023-27594
Cilium vulnerable to potential network policy bypass when routing IPv6 traffic
Severity Score
7.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which Cilium is running. As a consequence, network policies for that cluster might be bypassed, depending on the specific network policies enabled. This issue only manifests when Cilium is routing IPv6 traffic and NodePorts are used to route traffic to pods. IPv6 and endpoint routes are both disabled by default. The problem has been fixed and is available on versions 1.11.15, 1.12.8, and 1.13.1. As a workaround, disable IPv6 routing.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-03-04 CVE Reserved
- 2023-03-17 CVE Published
- 2024-08-02 CVE Updated
- 2024-10-07 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-285: Improper Authorization
- CWE-863: Incorrect Authorization
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://github.com/cilium/cilium/releases/tag/v1.11.15 | Third Party Advisory | |
| https://github.com/cilium/cilium/releases/tag/v1.12.8 | Third Party Advisory | |
| https://github.com/cilium/cilium/releases/tag/v1.13.1 | Third Party Advisory | |
| https://github.com/cilium/cilium/security/advisories/GHSA-8fg8-jh2h-f2hc | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cilium Search vendor "Cilium" | Cilium Search vendor "Cilium" for product "Cilium" | < 1.11.15 Search vendor "Cilium" for product "Cilium" and version " < 1.11.15" | - |
Affected
| ||||||
| Cilium Search vendor "Cilium" | Cilium Search vendor "Cilium" for product "Cilium" | >= 1.12.0 < 1.12.8 Search vendor "Cilium" for product "Cilium" and version " >= 1.12.0 < 1.12.8" | - |
Affected
| ||||||
| Cilium Search vendor "Cilium" | Cilium Search vendor "Cilium" for product "Cilium" | >= 1.13.0 < 1.13.1 Search vendor "Cilium" for product "Cilium" and version " >= 1.13.0 < 1.13.1" | - |
Affected
| ||||||