CVE-2024-28860 Insecure IPsec transport encryption in Cilium

2024-03-2718:34:23

CWE-326

GitHub_M

github.com

cilium

ipsec

encryption

vulnerability

cryptographic attacks

esp sequence number

man-in-the-middle

fixed versions

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

AI Score

7.6

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key recovery, replay attacks by a man-in-the-middle attacker. These attacks are possible due to an ESP sequence number collision when multiple nodes are configured with the same key. Fixed versions of Cilium use unique keys for each IPsec tunnel established between nodes, resolving all of the above attacks. This vulnerability is fixed in 1.13.13, 1.14.9, and 1.15.3.

CNA Affected

[
  {
    "vendor": "cilium",
    "product": "cilium",
    "versions": [
      {
        "status": "affected",
        "version": ">= 1.4.0, <= 1.13.14"
      },
      {
        "status": "affected",
        "version": ">= 1.14.0, < 1.14.9"
      },
      {
        "status": "affected",
        "version": ">= 1.15.0, < 1.15.3"
      }
    ]
  }
]

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*"
    ],
    "vendor": "cilium",
    "product": "cilium",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "1.4.0"
      },
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "1.13.14"
      },
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "1.14.0"
      },
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "1.14.9"
      },
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "1.15.0"
      },
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "1.15.3"
      }
    ],
    "defaultStatus": "unknown"
  }
]