Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2023-27594

Good to know:

icon

Date: March 17, 2023

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which Cilium is running. As a consequence, network policies for that cluster might be bypassed, depending on the specific network policies enabled. This issue only manifests when Cilium is routing IPv6 traffic and NodePorts are used to route traffic to pods. IPv6 and endpoint routes are both disabled by default. The problem has been fixed and is available on versions 1.11.15, 1.12.8, and 1.13.1. As a workaround, disable IPv6 routing.

Language: Go

Severity Score

Related Resources (7)

https://github.com/cilium/cilium/releases/tag/v1.13.1
https://nvd.nist.gov/vuln/detail/CVE-2023-27594
https://github.com/cilium/cilium
https://github.com/cilium/cilium/releases/tag/v1.12.8
https://github.com/cilium/cilium/security/advisories/GHSA-8fg8-jh2h-f2hc
https://github.com/cilium/cilium/releases/tag/v1.11.15
https://www.mend.io/vulnerability-database/CVE-2023-27594

Severity Score

Weakness Type (CWE)

Improper Authorization

CWE-285

Incorrect Authorization

CWE-863

Top Fix

icon

Upgrade Version

Upgrade to version 1.11.15,1.12.8,1.13.1

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): ADJACENT_NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): NONE

Do you need more information?

Contact Us