Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-34242
Summary
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue affects github.com/cilium/cilium versions 1.13.0-rc2 through 1.13.3 and 1.14.0-snapshot.0 through 1.14.0-snapshot.3. When Gateway API is enabled in Cilium, the absence of a check on the namespace in which a "ReferenceGrant" is created could result in Cilium unintentionally gaining visibility of secrets (including certificates) and services across namespaces. An attacker on an affected cluster can leverage this issue to use cluster secrets that should not be visible to them, or to communicate with services that they should not have access to. Gateway API functionality is disabled by default. As a workaround, restrict the creation of "ReferenceGrant" resources to admin users by using Kubernetes RBAC.
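To apply the RBAC workaround you first need to know which roles can already write "ReferenceGrant" objects. The following is an added example, not code from the advisory or from Cilium: it audits Role and ClusterRole rules for create, update or patch on `referencegrants` in the `gateway.networking.k8s.io` API group, wildcards included. The role names and namespaces in the sample are constructed.

```python
import json
import sys

GROUP = "gateway.networking.k8s.io"   # API group that serves ReferenceGrant
RESOURCE = "referencegrants"
WRITE_VERBS = {"create", "update", "patch"}

def write_verbs(rule):
    """Write verbs that one RBAC rule grants on ReferenceGrant (wildcards included)."""
    if not {GROUP, "*"} & set(rule.get("apiGroups", [])):
        return set()
    if not {RESOURCE, "*"} & set(rule.get("resources", [])):
        return set()
    verbs = set(rule.get("verbs", []))
    return set(WRITE_VERBS) if "*" in verbs else verbs & WRITE_VERBS

def find_writers(rbac_list):
    """Map 'Kind/namespace/name' to the write verbs that role grants."""
    findings = {}
    for item in rbac_list.get("items", []):
        granted = set()
        for rule in item.get("rules") or []:
            granted |= write_verbs(rule)
        if granted:
            meta = item["metadata"]
            key = f"{item['kind']}/{meta.get('namespace', '-')}/{meta['name']}"
            findings[key] = sorted(granted)
    return findings

# Constructed sample in the shape of `kubectl get clusterroles,roles -A -o json`.
SAMPLE = {"items": [
    {"kind": "ClusterRole", "metadata": {"name": "platform-admin"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
    {"kind": "Role", "metadata": {"name": "tenant-dev", "namespace": "team-a"},
     "rules": [{"apiGroups": [GROUP], "resources": ["httproutes", RESOURCE],
                "verbs": ["get", "list", "create"]}]},
    {"kind": "Role", "metadata": {"name": "viewer", "namespace": "team-b"},
     "rules": [{"apiGroups": [GROUP], "resources": [RESOURCE], "verbs": ["get", "list"]}]},
    {"kind": "Role", "metadata": {"name": "core-only", "namespace": "team-b"},
     "rules": [{"apiGroups": [""], "resources": ["*"], "verbs": ["*"]}]},
]}

if __name__ == "__main__":
    # Pipe real kubectl JSON on stdin, or run with no input to use the sample.
    data = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    for role, verbs in find_writers(data).items():
        print(f"{role}: {', '.join(verbs)}")
```

Each flagged role still has to be matched against its RoleBindings and ClusterRoleBindings to see which subjects actually hold it; any non-admin subject found there is what the workaround asks you to remove.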
- LOW
- ADJACENT NETWORK
- NONE
- CHANGED
- NONE
- HIGH
- LOW
- NONE
CWE-200 - Information Exposure
An information exposure vulnerability is categorized as an information flow (IF) weakness, which can potentially allow unauthorized access to otherwise classified information in the application, such as confidential personal information (demographics, financials, health records, etc.), business secrets, and the application's internal environment.