Network Policy Vulnerability in Cilium by Isovalent
CVE-2024-47825

CVSS 8.7 (HIGH)

Key Information:

Vendor: Cilium
Status: Vendor
CVE Published: 21 October 2024

What is CVE-2024-47825?

A network policy flaw in Cilium allows a deny rule written for a broader prefix to be ignored under specific conditions. When a policy sets enableDefaultDeny: false or uses toEntities: all, a more specific allow rule may override the deny, which can lead to unintended access or exposure. The issue affects Cilium versions from 1.14.0 up to, but not including, 1.14.16, and 1.15 versions prior to 1.15.10. Affected users are advised to modify their policy configurations to remove the enableDefaultDeny: false setting or to narrow their toEntities specifications. The vulnerability has been addressed in Cilium releases 1.14.16 and 1.15.10.
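The two policy patterns the advisory contrasts, as an added illustration that is not taken from the advisory or from the Cilium project: the first combines the settings it warns about, the second applies the recommended changes. Policy names, labels and CIDRs are constructed placeholders.

```yaml
# Added illustration, not taken from the advisory or the Cilium project.
# Names, labels and CIDRs are constructed placeholders.

# Pattern the advisory warns about: default deny switched off for egress and
# a broad "toEntities: all" allow placed next to a deny for a wider prefix.
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: web-egress-weak
spec:
  endpointSelector:
    matchLabels:
      app: web
  enableDefaultDeny:
    egress: false          # setting the advisory says to remove
  egressDeny:
    - toCIDR:
        - 10.0.0.0/8       # broad prefix that is meant to stay blocked
  egress:
    - toEntities:
        - all              # broad allow the advisory says to narrow
---
# Hardened form: default deny left at the Cilium default (not disabled) and
# the allow rule scoped to the specific prefix the workload actually needs.
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: web-egress-hardened
spec:
  endpointSelector:
    matchLabels:
      app: web
  egressDeny:
    - toCIDR:
        - 10.0.0.0/8
  egress:
    - toCIDR:
        - 203.0.113.0/24   # constructed example of the one destination needed
```

To find policies that still carry the weak pattern, dump all CiliumNetworkPolicy objects with `kubectl get cnp -A -o yaml` and search the output for `enableDefaultDeny` and for `toEntities` lists containing `all`, then upgrade to 1.14.16 or 1.15.10 regardless, since the fix lives in the agent rather than in the policies.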

CVSS v3.1

Score: 8.7
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published