CVE-2024-28248 - OpenCVE

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being incorrectly and intermittently forwarded when it should be dropped. This issue has been patched in Cilium 1.15.2, 1.14.8, and 1.13.13. There are no known workarounds for this issue.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://docs.cilium.io/en/stable/security/policy/language/#http
https://github.com/cilium/cilium/releases/tag/v1.13.13
https://github.com/cilium/cilium/releases/tag/v1.14.8
https://github.com/cilium/cilium/releases/tag/v1.15.2
https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-03-18T21:31:51.318Z

Updated: 2024-08-02T00:48:49.593Z

Reserved: 2024-03-07T14:33:30.036Z

Link: CVE-2024-28248

Vulnrichment

Updated: 2024-05-23T19:01:19.215Z

NVD

Status : Awaiting Analysis

Published: 2024-03-18T22:15:08.220

Modified: 2024-03-19T13:26:46.000

Link: CVE-2024-28248

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-28248", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-03-07T14:33:30.036Z", "datePublished": "2024-03-18T21:31:51.318Z", "dateUpdated": "2024-08-02T00:48:49.593Z"}, "containers": {"cna": {"title": "Cilium intermittent HTTP policy bypass", "problemTypes": [{"descriptions": [{"cweId": "CWE-693", "lang": "en", "description": "CWE-693: Protection Mechanism Failure", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85"}, {"name": "https://docs.cilium.io/en/stable/security/policy/language/#http", "tags": ["x_refsource_MISC"], "url": "https://docs.cilium.io/en/stable/security/policy/language/#http"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.13.13", "tags": ["x_refsource_MISC"], "url": "https://github.com/cilium/cilium/releases/tag/v1.13.13"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.14.8", "tags": ["x_refsource_MISC"], "url": "https://github.com/cilium/cilium/releases/tag/v1.14.8"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.15.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/cilium/cilium/releases/tag/v1.15.2"}], "affected": [{"vendor": "cilium", "product": "cilium", "versions": [{"version": ">= 1.13.9, < 1.13.13", "status": "affected"}, {"version": ">= 1.14.0, < 1.14.8", "status": "affected"}, {"version": ">= 1.15.0, < 1.15.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-18T21:33:23.689Z"}, "descriptions": [{"lang": "en", "value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being incorrectly and intermittently forwarded when it should be dropped. This issue has been patched in Cilium 1.15.2, 1.14.8, and 1.13.13. There are no known workarounds for this issue."}], "source": {"advisory": "GHSA-68mj-9pjq-mc85", "discovery": "UNKNOWN"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-28248", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-21T18:21:21.589831Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T18:04:02.014Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:48:49.593Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85"}, {"name": "https://docs.cilium.io/en/stable/security/policy/language/#http", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://docs.cilium.io/en/stable/security/policy/language/#http"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.13.13", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/cilium/cilium/releases/tag/v1.13.13"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.14.8", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/cilium/cilium/releases/tag/v1.14.8"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.15.2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/cilium/cilium/releases/tag/v1.15.2"}]}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-28248", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-03-07T14:33:30.036Z", "datePublished": "2024-03-18T21:31:51.318Z", "dateUpdated": "2024-06-04T18:04:02.014Z"}, "containers": {"cna": {"title": "Cilium intermittent HTTP policy bypass", "problemTypes": [{"descriptions": [{"cweId": "CWE-693", "lang": "en", "description": "CWE-693: Protection Mechanism Failure", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85"}, {"name": "https://docs.cilium.io/en/stable/security/policy/language/#http", "tags": ["x_refsource_MISC"], "url": "https://docs.cilium.io/en/stable/security/policy/language/#http"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.13.13", "tags": ["x_refsource_MISC"], "url": "https://github.com/cilium/cilium/releases/tag/v1.13.13"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.14.8", "tags": ["x_refsource_MISC"], "url": "https://github.com/cilium/cilium/releases/tag/v1.14.8"}, {"name": "https://github.com/cilium/cilium/releases/tag/v1.15.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/cilium/cilium/releases/tag/v1.15.2"}], "affected": [{"vendor": "cilium", "product": "cilium", "versions": [{"version": ">= 1.13.9, < 1.13.13", "status": "affected"}, {"version": ">= 1.14.0, < 1.14.8", "status": "affected"}, {"version": ">= 1.15.0, < 1.15.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-18T21:33:23.689Z"}, "descriptions": [{"lang": "en", "value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being incorrectly and intermittently forwarded when it should be dropped. This issue has been patched in Cilium 1.15.2, 1.14.8, and 1.13.13. There are no known workarounds for this issue."}], "source": {"advisory": "GHSA-68mj-9pjq-mc85", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-28248", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-21T18:21:21.589831Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:19.215Z"}, "title": "CISA ADP Vulnrichment"}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being incorrectly and intermittently forwarded when it should be dropped. This issue has been patched in Cilium 1.15.2, 1.14.8, and 1.13.13. There are no known workarounds for this issue."}, {"lang": "es", "value": "Cilium es una soluci\u00f3n de redes, observabilidad y seguridad con un plano de datos basado en eBPF. A partir de la versi\u00f3n 1.13.9 y antes de las versiones 1.13.13, 1.14.8 y 1.15.2, las pol\u00edticas HTTP de Cilium no se aplican de manera consistente a todo el tr\u00e1fico en el alcance de las pol\u00edticas, lo que lleva a que el tr\u00e1fico HTTP se reenv\u00ede de manera incorrecta e intermitente cuando deber\u00eda dejarse caer. Este problema se solucion\u00f3 en Cilium 1.15.2, 1.14.8 y 1.13.13. No se conocen workarounds para este problema."}], "id": "CVE-2024-28248", "lastModified": "2024-03-19T13:26:46.000", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-03-18T22:15:08.220", "references": [{"source": "security-advisories@github.com", "url": "https://docs.cilium.io/en/stable/security/policy/language/#http"}, {"source": "security-advisories@github.com", "url": "https://github.com/cilium/cilium/releases/tag/v1.13.13"}, {"source": "security-advisories@github.com", "url": "https://github.com/cilium/cilium/releases/tag/v1.14.8"}, {"source": "security-advisories@github.com", "url": "https://github.com/cilium/cilium/releases/tag/v1.15.2"}, {"source": "security-advisories@github.com", "url": "https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-693"}], "source": "security-advisories@github.com", "type": "Secondary"}]}