3 matches found
Photon OS 4.0: Calico PHSA-2023-4.0-0427
An update of the calico package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0427. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2022-28224
CVE-2022-28224 affects Calico across clusters using Calico ≤ 3.22.1 and Calico Enterprise ≤ 3.12.0. The issue allows a privileged attacker to set a floating IP annotation on a pod without the feature being enabled, due to insufficient validation, potentially intercepting and rerouting traffic to ...
CVE-2022-28224 Calico and Calico Enterprise may be vulnerable to route hijacking with the floating IP feature
Clusters using Calico version 3.22.1 and below, Calico Enterprise version 3.12.0 and below, may be vulnerable to route hijacking with the floating IP feature. Due to insufficient validation, a privileged attacker may be able to set a floating IP annotation to a pod even if the feature is not...