Skip to main content

Cilium CVE-2024-28250

MEDIUM
Missing Encryption of Sensitive Data (CWE-311)
2024-03-18 security-advisories@github.com
6.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.1 MEDIUM
AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Mar 18, 2024 - 22:15 nvd
MEDIUM 6.1

DescriptionNVD

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's Envoy proxy and pods on other nodes is sent unencrypted and Wireguard-eligible traffic that is sent between a node's DNS proxy and pods on other nodes is sent unencrypted. This issue has been resolved in Cilium 1.14.8 and 1.15.2 in in native routing mode (routingMode=native) and in Cilium 1.14.4 in tunneling mode (routingMode=tunnel). Not that in tunneling mode, encryption.wireguard.encapsulate must be set to true. There is no known workaround for this issue.

AnalysisAI

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-311. Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's Envoy proxy and pods on other nodes is sent unencrypted and Wireguard-eligible traffic that is sent between a node's DNS proxy and pods on other nodes is sent unencrypted. This issue has been resolved in Cilium 1.14.8 and 1.15.2 in in native routing mode (routingMode=native) and in Cilium 1.14.4 in tunneling mode (routingMode=tunnel). Not that in tunneling mode, encryption.wireguard.encapsulate must be set to true. There is no known workaround for this issue. Affected products include: Cilium. Version information: version 1.14.0.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Cilium

View all
CVE-2023-39347 CRITICAL POC
9.0 Sep 27

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated critical severity (CVSS

CVE-2023-27595 CRITICAL
9.8 Mar 17

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated critical severity (CVSS

CVE-2024-47825 HIGH
8.7 Oct 21

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 8.7

CVE-2022-29179 HIGH
8.2 May 20

Cilium is open source software for providing and securing network connectivity and loadbalancing between application wor

CVE-2022-29178 HIGH
8.2 May 20

Cilium is open source software for providing and securing network connectivity and loadbalancing between application wor

CVE-2023-41333 HIGH
8.1 Sep 27

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 8.1

CVE-2023-41332 LOW POC
3.5 Sep 27

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated low severity (CVSS 3.5)

CVE-2023-27594 HIGH
7.3 Mar 17

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 7.3

CVE-2024-42486 HIGH
7.2 Aug 16

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 7.2

CVE-2024-28248 HIGH
7.2 Mar 18

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 7.2

CVE-2024-42488 MEDIUM
6.8 Aug 15

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated medium severity (CVSS 6

CVE-2024-28860 MEDIUM
6.8 Mar 27

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated medium severity (CVSS 6

Share

CVE-2024-28250 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy