Impact
Cilium is a networking solution that uses CiliumLocalRedirectPolicies to control traffic routing. Prior to version 1.17.16, and in certain 1.18.x and 1.19.x releases, administrators could create these policies with an addressMatcher that accepts arbitrary ClusterIP values. This flaw allows a user with policy creation rights to specify any IP in any namespace, effectively hijacking traffic destined for a Service and redirecting it to an attacker‑controlled endpoint. Deleting such a policy can also corrupt Cilium’s internal service state, causing service translation to fail for the affected Service. The primary impact is cross‑namespace service traffic hijacking and potential disruption of service availability.
Affected Systems
The vulnerability exists in Cilium. It affects all releases prior to 1.17.16, versions 1.18.2 through 1.18.9, and 1.19.0 through 1.19.3. Upgrading to 1.17.16, 1.18.10, or 1.19.4 resolves the issue.
Risk and Exploitability
CVSS score of 6.9 indicates moderate severity. EPSS information is not available, and the vulnerability is not listed in CISA’s KEV catalog, so the likelihood of exploitation is unknown. The attack requires the ability to create or delete CiliumLocalRedirectPolicies, typically requiring cluster‑level privileges. If an attacker gains such privileges, they can hijack service traffic across namespaces or cause denial of service by corrupting the service state.
OpenCVE Enrichment
Github GHSA