发布时间: 2024年5月27日
修改时间: 2024年5月27日
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who have enabled an external kvstore and Wireguard transparent encryption, traffic between pods in the affected cluster is not encrypted. This issue affects Cilium v1.14 before v1.14.7 and has been patched in Cilium v1.14.7. There is no workaround to this issue.
| NVD | openEuler | |
|---|---|---|
| CVSS评分 | 6.1 | 6.1 |
| Attack Vector | Adjacent | Adjacent |
| Attack Complexity | High | High |
| Privileges Required | None | None |
| User Interaction | None | None |
| Scope | Changed | Changed |
| Confidentiality | High | High |
| Integrity | None | None |
| Availability | None | None |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2024-2218 | Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who have enabled an external kvstore and Wireguard transparent encryption, traffic between pods in the affected cluster is not encrypted. This issue affects Cilium v1.14 before v1.14.7 and has been patched in Cilium v1.14.7. There is no workaround to this issue. | 2024年5月27日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-4A | cilium | Unaffected |
| KY3.4-5 | cilium | Unaffected |
| KY3.5.1 | cilium | Unaffected |
| KY3.5.2 | cilium | Unaffected |
