CVE-2024-33522

In vulnerable versions of Calico v3.27.2 and below, Calico Enterprise v3.19.0-1, v3.18.1, v3.17.3 and below, and Calico Cloud v19.2.0 and below, an attacker who has local access to the Kubernetes node, can escalate their privileges by exploiting a vulnerability in the Calico CNI install binary. T...

PT-2020-13614 · Tigera · Calico Enterprise +1

Name of the Vulnerable Software and Affected Versions: Calico versions 3.14.0 and below Calico Enterprise versions 2.8.2 and below Description: The issue allows a compromised pod with sufficient privilege to reconfigure the node's IPv6 interface, enabling the attacker to redirect network traffic...