Skip to main content

Cilium CVE-2024-28860

MEDIUM
Inadequate Encryption Strength (CWE-326)
2024-03-27 security-advisories@github.com
6.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.8 MEDIUM
AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Mar 27, 2024 - 19:15 nvd
MEDIUM 6.8

DescriptionNVD

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key recovery, replay attacks by a man-in-the-middle attacker. These attacks are possible due to an ESP sequence number collision when multiple nodes are configured with the same key. Fixed versions of Cilium use unique keys for each IPsec tunnel established between nodes, resolving all of the above attacks. This vulnerability is fixed in 1.13.13, 1.14.9, and 1.15.3.

AnalysisAI

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required.

Technical ContextAI

This vulnerability is classified under CWE-326. Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key recovery, replay attacks by a man-in-the-middle attacker. These attacks are possible due to an ESP sequence number collision when multiple nodes are configured with the same key. Fixed versions of Cilium use unique keys for each IPsec tunnel established between nodes, resolving all of the above attacks. This vulnerability is fixed in 1.13.13, 1.14.9, and 1.15.3. Affected products include: Cilium.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Cilium

View all
CVE-2023-39347 CRITICAL POC
9.0 Sep 27

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated critical severity (CVSS

CVE-2023-27595 CRITICAL
9.8 Mar 17

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated critical severity (CVSS

CVE-2024-47825 HIGH
8.7 Oct 21

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 8.7

CVE-2022-29179 HIGH
8.2 May 20

Cilium is open source software for providing and securing network connectivity and loadbalancing between application wor

CVE-2022-29178 HIGH
8.2 May 20

Cilium is open source software for providing and securing network connectivity and loadbalancing between application wor

CVE-2023-41333 HIGH
8.1 Sep 27

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 8.1

CVE-2023-41332 LOW POC
3.5 Sep 27

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated low severity (CVSS 3.5)

CVE-2023-27594 HIGH
7.3 Mar 17

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 7.3

CVE-2024-42486 HIGH
7.2 Aug 16

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 7.2

CVE-2024-28248 HIGH
7.2 Mar 18

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 7.2

CVE-2024-42488 MEDIUM
6.8 Aug 15

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated medium severity (CVSS 6

CVE-2024-37307 MEDIUM
6.5 Jun 13

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated medium severity (CVSS 6

Share

CVE-2024-28860 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy