Lucene search
K

74 matches found

NVD
NVD
added 2023/09/27 3:19 p.m.37 views

CVE-2023-41333

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy enforcement in othe...

8.1CVSS7.1AI score0.00408EPSS
Exploits0References3
Prion
Prion
added 2023/09/27 3:19 p.m.22 views

Design/Logic Flaw

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy enforcement in othe...

3.7CVSS7.9AI score0.00408EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/26 8:19 p.m.16 views

CVE-2023-41333 Bypass of namespace restrictions in CiliumNetworkPolicy

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy enforcement in othe...

6.9CVSS6.7AI score0.00408EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/09/26 6:30 p.m.14 views

CVE-2023-39347 Cilium NetworkPolicy bypass via pod labels

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels...

7.6CVSS6.7AI score0.0046EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/09/26 6:30 p.m.56 views

CVE-2023-39347 Cilium NetworkPolicy bypass via pod labels

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels...

7.6CVSS9.2AI score0.0046EPSS
Exploits1References2
NVD
NVD
added 2023/06/15 8:15 p.m.38 views

CVE-2023-34242

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining visibility of...

5.3CVSS4.2AI score0.00305EPSS
Exploits0References2
Prion
Prion
added 2023/06/15 8:15 p.m.23 views

Design/Logic Flaw

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining visibility of...

5CVSS5.1AI score0.00305EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/06/15 7:7 p.m.42 views

CVE-2023-34242 Cilium vulnerable to information leakage via incorrect ReferenceGrant handling

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining visibility of...

3.4CVSS5.4AI score0.00305EPSS
Exploits0References2
OSV
OSV
added 2023/06/15 7:7 p.m.18 views

CVE-2023-34242 Cilium vulnerable to information leakage via incorrect ReferenceGrant handling

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining visibility of...

3.4CVSS5.2AI score0.00305EPSS
Exploits0References4
Prion
Prion
added 2023/04/18 10:15 p.m.19 views

Design/Logic Flaw

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the cilium-secrets namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug...

2.4CVSS6AI score0.00197EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/03/17 8:15 p.m.47 views

CVE-2023-27594

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which...

7.3CVSS5.2AI score0.00552EPSS
Exploits0References4
OSV
OSV
added 2023/03/17 7:56 p.m.20 views

CVE-2023-27594 Cilium vulnerable to potential network policy bypass when routing IPv6 traffic

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which...

4.2CVSS7.2AI score0.00552EPSS
Exploits0References6
Cvelist
Cvelist
added 2023/03/17 7:51 p.m.36 views

CVE-2023-27593 cilium-agent container can access the host via `hostPath` mount

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to /opt/cni/bin due to a hostPath mount of that directory in the agent pod. By replacing the CNI binary...

4.4CVSS5.7AI score0.00217EPSS
Exploits0References6
OSV
OSV
added 2023/03/17 7:51 p.m.14 views

CVE-2023-27593 cilium-agent container can access the host via `hostPath` mount

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to /opt/cni/bin due to a hostPath mount of that directory in the agent pod. By replacing the CNI binary...

4.4CVSS5.4AI score0.00217EPSS
Exploits0References8
Rows per page
Query Builder