Skip to main content

Cilium CVE-2023-29002

MEDIUM
Insertion of Sensitive Information into Log File (CWE-532)
2023-04-18 security-advisories@github.com
6.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.3 MEDIUM
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Apr 18, 2023 - 22:15 nvd
MEDIUM 6.3

DescriptionNVD

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the cilium-secrets namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug output from the Cilium containers could use the resulting output to intercept and modify traffic to and from the affected cluster. Output of the sensitive information would occur at Cilium agent restart, when secrets in the namespace are modified, and on creation of Ingress or GatewayAPI resources. This vulnerability is fixed in Cilium releases 1.11.16, 1.12.9, and 1.13.2. Users unable to upgrade should disable debug mode.

AnalysisAI

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated medium severity (CVSS 6.3). No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-532. Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the cilium-secrets namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug output from the Cilium containers could use the resulting output to intercept and modify traffic to and from the affected cluster. Output of the sensitive information would occur at Cilium agent restart, when secrets in the namespace are modified, and on creation of Ingress or GatewayAPI resources. This vulnerability is fixed in Cilium releases 1.11.16, 1.12.9, and 1.13.2. Users unable to upgrade should disable debug mode. Affected products include: Cilium.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Cilium

View all
CVE-2023-39347 CRITICAL POC
9.0 Sep 27

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated critical severity (CVSS

CVE-2023-27595 CRITICAL
9.8 Mar 17

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated critical severity (CVSS

CVE-2024-47825 HIGH
8.7 Oct 21

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 8.7

CVE-2022-29179 HIGH
8.2 May 20

Cilium is open source software for providing and securing network connectivity and loadbalancing between application wor

CVE-2022-29178 HIGH
8.2 May 20

Cilium is open source software for providing and securing network connectivity and loadbalancing between application wor

CVE-2023-41333 HIGH
8.1 Sep 27

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 8.1

CVE-2023-41332 LOW POC
3.5 Sep 27

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated low severity (CVSS 3.5)

CVE-2023-27594 HIGH
7.3 Mar 17

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 7.3

CVE-2024-42486 HIGH
7.2 Aug 16

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 7.2

CVE-2024-28248 HIGH
7.2 Mar 18

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 7.2

CVE-2024-42488 MEDIUM
6.8 Aug 15

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated medium severity (CVSS 6

CVE-2024-28860 MEDIUM
6.8 Mar 27

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated medium severity (CVSS 6

Share

CVE-2023-29002 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy