SB2024031913 - Multiple vulnerabilities in Cilium
Published: March 19, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Information disclosure (CVE-ID: CVE-2024-28249)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to unencrypted traffic between nodes when using IPsec and L7 policies. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.
2) Security features bypass (CVE-ID: CVE-2024-28248)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to intermittent HTTP policy bypass. A remote attacker can bypass HTTP policy on the target system.
3) Information disclosure (CVE-ID: CVE-2024-28250)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to unencrypted traffic between nodes when using WireGuard and L7 policies. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.
Remediation
Install update from vendor's website.
References
- https://github.com/cilium/cilium/security/advisories/GHSA-j89h-qrvr-xc36
- https://github.com/cilium/cilium/releases/tag/v1.13.13
- https://github.com/cilium/cilium/releases/tag/v1.14.8
- https://github.com/cilium/cilium/releases/tag/v1.15.2
- https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85
- https://docs.cilium.io/en/stable/security/policy/language/#http
- https://github.com/cilium/cilium/security/advisories/GHSA-v6q2-4qr3-5cw6