5 matches found
BIT-HUBBLE-UI-BACKEND-2024-28860
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key...
BIT-CILIUM-OPERATOR-2024-28860
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key...
CVE-2024-28860
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key...
CVE-2024-28860
CVE-2024-28860 affects Cilium’s IPsec transparent encryption. The issue arises from an ESP sequence number collision when multiple nodes share a key, enabling a MITM attacker to perform chosen-plaintext, key-recovery, and replay attacks that can undermine confidentiality and integrity. Fixed in C...
CVE-2024-28860 Insecure IPsec transport encryption in Cilium
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key...