4 matches found
CVE-2023-27593 vulnerabilities
Vulnerabilities for packages: cilium, cilium-fips...
CVE-2023-27593
creationtimestamp| type| source ---|---|--- 2023-03-17 23:31:45+00:00| seen| https://t.me/cibsecurity/60270...
CVE-2023-27593
CVE-2023-27593 affects Cilium’s eBPF dataplane. Before versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod could write to /opt/cni/bin due to a hostPath mount, swap the CNI binary for a malicious one, and gain access to the underlying node after a new pod is create...
CVE-2023-27593 cilium-agent container can access the host via `hostPath` mount
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to /opt/cni/bin due to a hostPath mount of that directory in the agent pod. By replacing the CNI binary...