CVE-2023-29002

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the `cilium-secrets` namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug output from the Cilium containers could use the resulting output to intercept and modify traffic to and from the affected cluster. Output of the sensitive information would occur at Cilium agent restart, when secrets in the namespace are modified, and on creation of Ingress or GatewayAPI resources. This vulnerability is fixed in Cilium releases 1.11.16, 1.12.9, and 1.13.2. Users unable to upgrade should disable debug mode.

CVSS v3 6.3 MEDIUM

6.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.0 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/cilium/cilium/security/advisories/GHSA-pg5p-wwp8-97g8	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cilium:cilium::::::::
	cpe:2.3:a:cilium:cilium::::::::
	cpe:2.3:a:cilium:cilium::::::::

History

04 May 2023, 13:01

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.3
References	~~(MISC) https://github.com/cilium/cilium/security/advisories/GHSA-pg5p-wwp8-97g8 -~~	(MISC) https://github.com/cilium/cilium/security/advisories/GHSA-pg5p-wwp8-97g8 - Vendor Advisory
CPE		cpe:2.3:a:cilium:cilium::::::::
First Time		Cilium Cilium cilium

18 Apr 2023, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-04-18 22:15

Updated : 2023-12-10 15:01

NVD link : CVE-2023-29002

Mitre link : CVE-2023-29002

CVE.ORG link : CVE-2023-29002

JSON object : View

Products Affected

cilium

cilium

CWE

CWE-532

Insertion of Sensitive Information into Log File

{"id": "CVE-2023-29002", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.0}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.8, "exploitabilityScore": 0.8}]}, "published": "2023-04-18T22:15:07.897", "references": [{"url": "https://github.com/cilium/cilium/security/advisories/GHSA-pg5p-wwp8-97g8", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-532"}]}], "descriptions": [{"lang": "en", "value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the `cilium-secrets` namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug output from the Cilium containers could use the resulting output to intercept and modify traffic to and from the affected cluster. Output of the sensitive information would occur at Cilium agent restart, when secrets in the namespace are modified, and on creation of Ingress or GatewayAPI resources. This vulnerability is fixed in Cilium releases 1.11.16, 1.12.9, and 1.13.2. Users unable to upgrade should disable debug mode."}], "lastModified": "2023-05-04T13:01:18.917", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AFD7B49-00F8-4038-AE8C-AA01DA212E38", "versionEndExcluding": "1.11.16", "versionStartIncluding": "1.7.0"}, {"criteria": "cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8371AD7-2C69-4584-B0C3-2AB4E632FC37", "versionEndExcluding": "1.12.9", "versionStartIncluding": "1.12.0"}, {"criteria": "cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2A8D7A6-200B-443C-B171-512964293B8D", "versionEndExcluding": "1.13.2", "versionStartIncluding": "1.13.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}