Home > Vulnerability Database > WS-2021-0122

Mend.io Vulnerability Database

WS-2021-0122

Date: August 19, 2025

Under certain conditions, ICMP Echo Request sent to a Cilium endpoint from an actor may bypass a network policy which disallows access from the actor to the endpoint, but allows from the endpoint to the actor. This does NOT apply to UDP and TCP traffic. The issue has been fixed in Cilium versions v1.7.15, v1.8.8 and v1.9.5.

Language: Go

Severity Score

6.5

Related Resources (3)

Url: https://github.com/cilium/cilium/security/advisories/GHSA-c66w-hq56-4q97

Url: https://github.com/cilium/cilium/commit/dfb008a9099c4da1e0fd964c899c43ee13280b0e

Url: https://www.mend.io/vulnerability-database/WS-2021-0122

Severity Score

6.5

Weakness Type (CWE)

Authentication Bypass Using an Alternate Path or Channel

CWE-288

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

WS-2021-0122

Date: August 19, 2025

Language: Go

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?