Summary:
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have an HTTP policy that applies to multiple `toEndpoints` AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be appended to the set of HTTP rules, which could cause bypass of HTTP policies. This issue has been patched in Cilium 1.11.16, 1.12.9, and 1.13.2.
Severity level: Low
Advisory ID: KylinSec-SA-2023-1399
Release date: June 9, 2023
Related CVE: CVE-2023-30851
CVE name | Product | Component | Affected |
---|---|---|---|
CVE-2023-30851 | KY3.4-4A | cilium | Unaffected |
CVE-2023-30851 | KY3.4-5A | cilium | Unaffected |
CVE-2023-30851 | KY3.5.1 | cilium | Unaffected |
CVE-2023-30851 | KY3.5.2 | cilium | Unaffected |
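
A heuristic audit for the policy shape the summary describes (an HTTP rule spanning several `toEndpoints` plus an allow-all rule covering only some of them), added here as an example and not taken from the advisory or the Cilium project. It assumes the input dicts are parsed CiliumNetworkPolicy `spec` objects that select the same source endpoints; the labels, paths and helper names are constructed.

```python
# Added example: flags egress rules for review; it does not query a live cluster.
# Assumption: selectors use matchLabels only (matchExpressions are ignored).

def _selectors(rule):
    """Hashable form of each toEndpoints selector in one egress rule."""
    return {tuple(sorted(s.get("matchLabels", {}).items()))
            for s in rule.get("toEndpoints", [])}

def _ports(rule, want_http):
    """Port numbers of toPorts entries with (or without) HTTP rules.
    None means 'every port': an allow-all rule that has no toPorts at all."""
    if not want_http and not rule.get("toPorts"):
        return None
    out = set()
    for tp in rule.get("toPorts", []):
        has_http = bool((tp.get("rules") or {}).get("http"))
        if has_http == want_http:
            out |= {p["port"] for p in tp.get("ports", [])}
    return out

def find_exposed(specs):
    """Return (selector, port) pairs where an HTTP rule over several
    toEndpoints overlaps an allow-all rule covering only some of them."""
    rules = [r for spec in specs for r in spec.get("egress", [])]
    findings = []
    for http_rule in rules:
        sels, http_ports = _selectors(http_rule), _ports(http_rule, True)
        if len(sels) < 2 or not http_ports:
            continue  # not an HTTP policy spanning multiple endpoints
        for other in rules:
            shared = sels & _selectors(other)
            if not shared or shared == sels:
                continue  # allow-all must cover only part of the HTTP rule's targets
            open_ports = _ports(other, False)
            overlap = http_ports if open_ports is None else http_ports & open_ports
            findings += [(dict(s), p) for s in sorted(shared) for p in sorted(overlap)]
    return findings

# Constructed sample specs (not real policies).
TARGETS = [{"matchLabels": {"app": "billing"}}, {"matchLabels": {"app": "reports"}}]
HTTP_POLICY = {"egress": [{
    "toEndpoints": TARGETS,
    "toPorts": [{"ports": [{"port": "80", "protocol": "TCP"}],
                 "rules": {"http": [{"method": "GET", "path": "/public"}]}}]}]}
ALLOW_ONE = {"egress": [{"toEndpoints": TARGETS[:1]}]}
ALLOW_ONE_443 = {"egress": [{"toEndpoints": TARGETS[:1],
                             "toPorts": [{"ports": [{"port": "443"}]}]}]}

if __name__ == "__main__":
    print(find_exposed([HTTP_POLICY, ALLOW_ONE]))
```

A finding means the policy pair matches the precondition in the summary and should be checked against the patched versions listed there (1.11.16, 1.12.9, 1.13.2).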