CVE-2023-30851

low-risk
Published 2023-05-25

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple `toEndpoints` AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be appended to the set of HTTP rules, which could cause bypass of HTTP policies. This issue has been patched in Cilium 1.11.16, 1.12.9, and 1.13.2.

Do I need to act?

-
0.13% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
2
CVSS 2.6/10 Low
ADJACENT_NETWORK / HIGH complexity

Affected Products (1)

Affected Vendors

Cilium

References (8)

Release Notes https://github.com/cilium/cilium/releases/tag/v1.11.16
Release Notes https://github.com/cilium/cilium/releases/tag/v1.12.9
Release Notes https://github.com/cilium/cilium/releases/tag/v1.13.2
Vendor Advisory https://github.com/cilium/cilium/security/advisories/GHSA-2h44-x2wx-49f4
Release Notes https://github.com/cilium/cilium/releases/tag/v1.11.16
Release Notes https://github.com/cilium/cilium/releases/tag/v1.12.9
Release Notes https://github.com/cilium/cilium/releases/tag/v1.13.2
Vendor Advisory https://github.com/cilium/cilium/security/advisories/GHSA-2h44-x2wx-49f4
13
/ 100
low-risk
Severity 7/34 · Low
Exploitability 1/34 · Minimal
Exposure 5/34 · Minimal