4 matches found
CVE-2024-28249
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...
CVE-2024-28249 vulnerabilities
Vulnerabilities for packages: cilium-fips, hubble-ui-backend-fips, cilium, hubble-ui...
CVE-2024-28249 vulnerabilities
Vulnerabilities for packages: hubble-ui...
CVE-2024-28249
Cilium CVE-2024-28249 : In clusters with IPsec enabled and Layer 7 policies, IPsec-eligible traffic between a node’s Envoy proxy and pods on other nodes, and between a node’s DNS proxy and pods on other nodes, is sent unencrypted. This affects versions prior to 1.13.13, 1.14.8, and 1.15.2. The is...