github.com/cilium/cilium is vulnerable to Authentication Bypass. The vulnerability exists in the addRulesForEndpoints function in l4.go: when an HTTP policy applies to multiple endpoints, an attacker can bypass the HTTP policy rules and perform unauthorized actions.
github.com/advisories/GHSA-2h44-x2wx-49f4
github.com/cilium/cilium/commit/024f9612f9abb19e54e96e39b54c6e0db25454fd
github.com/cilium/cilium/commit/1e022e747d859af7b41360015c9fe886ce8ea543
github.com/cilium/cilium/commit/9df6a27107f308d0aa549da8d071ace91b02539c
github.com/cilium/cilium/pull/24843
github.com/cilium/cilium/pull/24851
github.com/cilium/cilium/pull/24852
github.com/cilium/cilium/releases/tag/v1.11.16
github.com/cilium/cilium/releases/tag/v1.12.9
github.com/cilium/cilium/releases/tag/v1.13.2
github.com/cilium/cilium/security/advisories/GHSA-2h44-x2wx-49f4