CVE-2023-30851 - OpenCVE

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple `toEndpoints` AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be appended to the set of HTTP rules, which could cause bypass of HTTP policies. This issue has been patched in Cilium 1.11.16, 1.12.9, and 1.13.2.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cilium	Cilium

Configuration 1 [-]

OR	cpe:2.3:a:cilium:cilium::::::::
	cpe:2.3:a:cilium:cilium::::::::
	cpe:2.3:a:cilium:cilium::::::::

No data.

References

Link	Providers
https://github.com/cilium/cilium/releases/tag/v1.11.16
https://github.com/cilium/cilium/releases/tag/v1.12.9
https://github.com/cilium/cilium/releases/tag/v1.13.2
https://github.com/cilium/cilium/security/advisories/GHSA-2h44-x2wx-49f4

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-05-25T17:47:51.095Z

Updated: 2024-08-02T14:37:15.467Z

Reserved: 2023-04-18T16:13:15.881Z

Link: CVE-2023-30851

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-05-25T18:15:10.240

Modified: 2023-06-01T20:35:42.710

Link: CVE-2023-30851

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-30851", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-04-18T16:13:15.881Z", "datePublished": "2023-05-25T17:47:51.095Z", "dateUpdated": "2024-08-02T14:37:15.467Z"}, "containers": {"cna": {"title": "Potential HTTP policy bypass when using header rules in Cilium", "problemTypes": [{"descriptions": [{"cweId": "CWE-693", "lang": "en", "description": "CWE-693: Protection Mechanism Failure", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/cilium/cilium/security/advisories/GHSA-2h44-x2wx-49f4", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/cilium/cilium/security/advisories/GHSA-2h44-x2wx-49f4"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.11.16", "tags": ["x_refsource_MISC"], "url": "https://github.com/cilium/cilium/releases/tag/v1.11.16"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.12.9", "tags": ["x_refsource_MISC"], "url": "https://github.com/cilium/cilium/releases/tag/v1.12.9"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.13.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/cilium/cilium/releases/tag/v1.13.2"}], "affected": [{"vendor": "cilium", "product": "cilium", "versions": [{"version": "< 1.11.16", "status": "affected"}, {"version": ">= 1.12.0, < 1.12.9", "status": "affected"}, {"version": ">= 1.13.0, < 1.13.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-05-25T17:47:51.095Z"}, "descriptions": [{"lang": "en", "value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple `toEndpoints` AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be appended to the set of HTTP rules, which could cause bypass of HTTP policies. This issue has been patched in Cilium 1.11.16, 1.12.9, and 1.13.2."}], "source": {"advisory": "GHSA-2h44-x2wx-49f4", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:37:15.467Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/cilium/cilium/security/advisories/GHSA-2h44-x2wx-49f4", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/cilium/cilium/security/advisories/GHSA-2h44-x2wx-49f4"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.11.16", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/cilium/cilium/releases/tag/v1.11.16"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.12.9", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/cilium/cilium/releases/tag/v1.12.9"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.13.2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/cilium/cilium/releases/tag/v1.13.2"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*", "matchCriteriaId": "826FEF2C-9172-44D8-AE4C-B656329510F2", "versionEndExcluding": "1.11.16", "vulnerable": true}, {"criteria": "cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*", "matchCriteriaId": "A8371AD7-2C69-4584-B0C3-2AB4E632FC37", "versionEndExcluding": "1.12.9", "versionStartIncluding": "1.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2A8D7A6-200B-443C-B171-512964293B8D", "versionEndExcluding": "1.13.2", "versionStartIncluding": "1.13.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple `toEndpoints` AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be appended to the set of HTTP rules, which could cause bypass of HTTP policies. This issue has been patched in Cilium 1.11.16, 1.12.9, and 1.13.2."}], "id": "CVE-2023-30851", "lastModified": "2023-06-01T20:35:42.710", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-05-25T18:15:10.240", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/cilium/cilium/releases/tag/v1.11.16"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/cilium/cilium/releases/tag/v1.12.9"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/cilium/cilium/releases/tag/v1.13.2"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/cilium/cilium/security/advisories/GHSA-2h44-x2wx-49f4"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-693"}], "source": "security-advisories@github.com", "type": "Secondary"}]}