Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:40248
HistoryApr 21, 2023 - 10:18 a.m.

Information Disclosure

2023-04-2110:18:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
cilium
information disclosure
debug mode
tls private keys
ingress
gatewayapi

0.0004 Low

EPSS

Percentile

9.1%

JSON

github.com/cilium/cilium is vulnerable to Information Disclosure. When running in debug mode, the Cilium agent may log secrets. Depending on the configuration of the impacted cluster, this includes TLS private keys for Ingress and GatewayAPI resources. The confidential data would be outputed when the Cilium agent restarted, when the secrets were updated, or when Ingress or GatewayAPI resources were created.

Related

prion 1
cgr 1
cvelist 1
cve 1
osv 6
nvd 1
github 1
prion
prion
Design/Logic Flaw
2023-04-18 22:15:00
cgr
cgr
CVE-2023-29002 vulnerabilities
2024-05-19 03:07:16
cvelist
cvelist
CVE-2023-29002 Debug mode leaks confidential data in Cilium
2023-04-18 21:21:11
cve
cve
CVE-2023-29002
2023-04-18 22:15:07
osv
osv
BIT-hubble-relay-2023-29002
2024-05-24 19:23:03
BIT-hubble-2023-29002
2024-06-04 09:45:00
BIT-cilium-operator-2023-29002
2024-05-15 12:07:37
nvd
nvd
CVE-2023-29002
2023-04-18 22:15:07
github
github
Debug mode leaks confidential data in Cilium
2023-04-19 18:16:51

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for VERACODE:40248
prion1cgr1cvelist1cve1osv6nvd1github1