← Voltar para CVEs
CVE-2024-28249
MEDIUM6.1
Descricao
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sent unencrypted and IPsec-eligible traffic between a node's DNS proxy and pods on other nodes is sent unencrypted. This issue has been resolved in Cilium 1.15.2, 1.14.8, and 1.13.13. There is no known workaround for this issue.
Detalhes CVE
Pontuacao CVSS v3.16.1
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Vetor de ataqueADJACENT_NETWORK
ComplexidadeHIGH
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado3/18/2024
Ultima modificacao1/9/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
cilium:cilium
Fraquezas (CWE)
CWE-311CWE-319
Referencias
https://github.com/cilium/cilium/releases/tag/v1.13.13(security-advisories@github.com)
https://github.com/cilium/cilium/releases/tag/v1.14.8(security-advisories@github.com)
https://github.com/cilium/cilium/releases/tag/v1.15.2(security-advisories@github.com)
https://github.com/cilium/cilium/security/advisories/GHSA-j89h-qrvr-xc36(security-advisories@github.com)
https://github.com/cilium/cilium/releases/tag/v1.13.13(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/cilium/cilium/releases/tag/v1.14.8(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/cilium/cilium/releases/tag/v1.15.2(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/cilium/cilium/security/advisories/GHSA-j89h-qrvr-xc36(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.