Lucene search
K

5 matches found

OSV
OSV
added 2024/07/01 11:15 a.m.16 views

BIT-HUBBLE-UI-BACKEND-2024-28860

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key...

8CVSS7.4AI score0.00172EPSS
Exploits0References5
OSV
OSV
added 2024/05/15 12:5 p.m.24 views

BIT-CILIUM-OPERATOR-2024-28860

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key...

8CVSS7.4AI score0.00172EPSS
Exploits0References5
NVD
NVD
added 2024/03/27 7:15 p.m.37 views

CVE-2024-28860

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key...

8CVSS7.6AI score0.00172EPSS
Exploits0References5
CVE
CVE
added 2024/03/27 6:34 p.m.312 views

CVE-2024-28860

CVE-2024-28860 affects Cilium’s IPsec transparent encryption. The issue arises from an ESP sequence number collision when multiple nodes share a key, enabling a MITM attacker to perform chosen-plaintext, key-recovery, and replay attacks that can undermine confidentiality and integrity. Fixed in C...

8CVSS7.4AI score0.00172EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2024/03/27 6:34 p.m.43 views

CVE-2024-28860 Insecure IPsec transport encryption in Cilium

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key...

8CVSS7.7AI score0.00172EPSS
Exploits0References5
Rows per page
Query Builder