4 matches found
CVE-2023-41333
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy enforcement in othe...
CVE-2023-41333 vulnerabilities
Vulnerabilities for packages: cilium, cilium-fips...
CVE-2023-41333
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy enforcement in othe...
CVE-2023-41333
Cilium is vulnerable: an attacker who can create/modify CiliumNetworkPolicy objects in a namespace can bypass namespace restrictions and affect traffic across the entire cluster by crafting an endpointSelector that uses the DoesNotExist operator on the reserved:init label. The issue requires API ...