cvelistv5 - cve-2024-28248

cve-2024-28248

Vulnerability from cvelistv5

Published

2024-03-18 21:31

Modified

2024-08-02 00:48

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Summary

Cilium intermittent HTTP policy bypass

References

▼	URL	Tags
	security-advisories@github.com	https://docs.cilium.io/en/stable/security/policy/language/#http
	security-advisories@github.com	https://github.com/cilium/cilium/releases/tag/v1.13.13
	security-advisories@github.com	https://github.com/cilium/cilium/releases/tag/v1.14.8
	security-advisories@github.com	https://github.com/cilium/cilium/releases/tag/v1.15.2
	security-advisories@github.com	https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85
	af854a3a-2127-422b-91ae-364da2661108	https://docs.cilium.io/en/stable/security/policy/language/#http
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/cilium/cilium/releases/tag/v1.13.13
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/cilium/cilium/releases/tag/v1.14.8
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/cilium/cilium/releases/tag/v1.15.2
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85

Impacted products

Vendor

Product

Version

▼

cilium

Version: >= 1.13.9, < 1.13.13
Version: >= 1.14.0, < 1.14.8
Version: >= 1.15.0, < 1.15.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-28248",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-21T18:21:21.589831Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T18:04:02.014Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:48:49.593Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85"
          },
          {
            "name": "https://docs.cilium.io/en/stable/security/policy/language/#http",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://docs.cilium.io/en/stable/security/policy/language/#http"
          },
          {
            "name": "https://github.com/cilium/cilium/releases/tag/v1.13.13",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/cilium/cilium/releases/tag/v1.13.13"
          },
          {
            "name": "https://github.com/cilium/cilium/releases/tag/v1.14.8",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/cilium/cilium/releases/tag/v1.14.8"
          },
          {
            "name": "https://github.com/cilium/cilium/releases/tag/v1.15.2",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/cilium/cilium/releases/tag/v1.15.2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "cilium",
          "vendor": "cilium",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.13.9, \u003c 1.13.13"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.14.0, \u003c 1.14.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.15.0, \u003c 1.15.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium\u0027s HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being incorrectly and intermittently forwarded when it should be dropped. This issue has been patched in Cilium 1.15.2, 1.14.8, and 1.13.13. There are no known workarounds for this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693: Protection Mechanism Failure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-18T21:33:23.689Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85"
        },
        {
          "name": "https://docs.cilium.io/en/stable/security/policy/language/#http",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://docs.cilium.io/en/stable/security/policy/language/#http"
        },
        {
          "name": "https://github.com/cilium/cilium/releases/tag/v1.13.13",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/cilium/cilium/releases/tag/v1.13.13"
        },
        {
          "name": "https://github.com/cilium/cilium/releases/tag/v1.14.8",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/cilium/cilium/releases/tag/v1.14.8"
        },
        {
          "name": "https://github.com/cilium/cilium/releases/tag/v1.15.2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/cilium/cilium/releases/tag/v1.15.2"
        }
      ],
      "source": {
        "advisory": "GHSA-68mj-9pjq-mc85",
        "discovery": "UNKNOWN"
      },
      "title": "Cilium intermittent HTTP policy bypass"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-28248",
    "datePublished": "2024-03-18T21:31:51.318Z",
    "dateReserved": "2024-03-07T14:33:30.036Z",
    "dateUpdated": "2024-08-02T00:48:49.593Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-28248\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-03-18T22:15:08.220\",\"lastModified\":\"2024-11-21T09:06:05.573\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium\u0027s HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being incorrectly and intermittently forwarded when it should be dropped. This issue has been patched in Cilium 1.15.2, 1.14.8, and 1.13.13. There are no known workarounds for this issue.\"},{\"lang\":\"es\",\"value\":\"Cilium es una soluci\u00f3n de redes, observabilidad y seguridad con un plano de datos basado en eBPF. A partir de la versi\u00f3n 1.13.9 y antes de las versiones 1.13.13, 1.14.8 y 1.15.2, las pol\u00edticas HTTP de Cilium no se aplican de manera consistente a todo el tr\u00e1fico en el alcance de las pol\u00edticas, lo que lleva a que el tr\u00e1fico HTTP se reenv\u00ede de manera incorrecta e intermitente cuando deber\u00eda dejarse caer. Este problema se solucion\u00f3 en Cilium 1.15.2, 1.14.8 y 1.13.13. No se conocen workarounds para este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-693\"}]}],\"references\":[{\"url\":\"https://docs.cilium.io/en/stable/security/policy/language/#http\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/cilium/cilium/releases/tag/v1.13.13\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/cilium/cilium/releases/tag/v1.14.8\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/cilium/cilium/releases/tag/v1.15.2\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://docs.cilium.io/en/stable/security/policy/language/#http\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/cilium/cilium/releases/tag/v1.13.13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/cilium/cilium/releases/tag/v1.14.8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/cilium/cilium/releases/tag/v1.15.2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2024-28248

Vulnerability from cvelistv5

gsd-2024-28248

Vulnerability from gsd

ghsa-68mj-9pjq-mc85

Vulnerability from github

Impact

Patches

Workarounds

Acknowledgements

For more information

Tags

Sightings

Nomenclature