Lucene search

K
osvGoogleOSV:BIT-HUBBLE-RELAY-2024-28860
HistoryMay 24, 2024 - 7:20 p.m.

BIT-hubble-relay-2024-28860

2024-05-2419:20:22
Google
osv.dev
2
cilium
network security
vulnerability
fix
cryptography
ebpf
man-in-the-middle
replay attack
esp sequence.

8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key recovery, replay attacks by a man-in-the-middle attacker. These attacks are possible due to an ESP sequence number collision when multiple nodes are configured with the same key. Fixed versions of Cilium use unique keys for each IPsec tunnel established between nodes, resolving all of the above attacks. This vulnerability is fixed in 1.13.13, 1.14.9, and 1.15.3.

8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%

Related for OSV:BIT-HUBBLE-RELAY-2024-28860