Количество 3
Количество 3
CVE-2024-28249
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sent unencrypted and IPsec-eligible traffic between a node's DNS proxy and pods on other nodes is sent unencrypted. This issue has been resolved in Cilium 1.15.2, 1.14.8, and 1.13.13. There is no known workaround for this issue.
CVE-2024-28249
Cilium is a networking, observability, and security solution with an e ...
GHSA-j89h-qrvr-xc36
Unencrypted traffic between nodes when using IPsec and L7 policies
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-28249 Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sent unencrypted and IPsec-eligible traffic between a node's DNS proxy and pods on other nodes is sent unencrypted. This issue has been resolved in Cilium 1.15.2, 1.14.8, and 1.13.13. There is no known workaround for this issue. | CVSS3: 6.1 | 0% Низкий | почти 2 года назад |
| CVE-2024-28249 Cilium is a networking, observability, and security solution with an e ... | CVSS3: 6.1 | 0% Низкий | почти 2 года назад |
| GHSA-j89h-qrvr-xc36 Unencrypted traffic between nodes when using IPsec and L7 policies | CVSS3: 6.1 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу