Home > Vulnerability Database > CVE-2023-27594

Mend.io Vulnerability Database

CVE-2023-27594

Good to know:

Date: March 17, 2023

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which Cilium is running. As a consequence, network policies for that cluster might be bypassed, depending on the specific network policies enabled. This issue only manifests when Cilium is routing IPv6 traffic and NodePorts are used to route traffic to pods. IPv6 and endpoint routes are both disabled by default. The problem has been fixed and is available on versions 1.11.15, 1.12.8, and 1.13.1. As a workaround, disable IPv6 routing.

Language: Go

Severity Score

7.3

Related Resources (6)

Url: https://github.com/cilium/cilium/releases/tag/v1.13.1

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-27594

Url: https://github.com/cilium/cilium/releases/tag/v1.12.8

Url: https://github.com/cilium/cilium/security/advisories/GHSA-8fg8-jh2h-f2hc

Url: https://github.com/cilium/cilium/releases/tag/v1.11.15

Url: https://www.mend.io/vulnerability-database/CVE-2023-27594

Severity Score

7.3

Weakness Type (CWE)

Incorrect Authorization

CWE-863

Top Fix

Upgrade Version

Upgrade to version 1.11.15,1.12.8,1.13.1

Learn More

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2023-27594

Good to know:

Date: March 17, 2023

Language: Go

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?