Skip to content

Commit c357616

Browse files
1 parent 5d63da7 commit c357616

1 file changed

Lines changed: 99 additions & 0 deletions

File tree

Lines changed: 99 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,99 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-3fcv-jvfp-m4q9",
4+
"modified": "2026-07-06T17:03:20Z",
5+
"published": "2026-07-06T17:03:20Z",
6+
"aliases": [
7+
"CVE-2026-49445"
8+
],
9+
"summary": "Cilium vulnerable to sensitive information disclosure and cluster disruption via local Envoy admin socket access",
10+
"details": "### Impact\n\nWhen Cilium L7 functionality is enabled on a cluster, the Envoy instance supporting this functionality creates a world-accessible socket on cluster nodes. A local attacker would be able to access Envoy admin endpoints. Depending on deployment configuration, this can expose sensitive information or allow disruptive administrative operations, such as:\n\n- Exposing TLS secrets\n- Disrupting traffic in the cluster\n- Terminating the Envoy process \n\nThis issue affects both the embedded and standalone Envoy deployment models.\n\n### Patches\n\nThis issue affects:\n\n- Cilium v1.19 between v1.19.0 and v1.19.1 inclusive\n- Cilium v1.18 between v1.18.0 and v1.18.7 inclusive\n- All versions of Cilium prior to v1.17.14\n\nThis issue has been patched in https://github.com/cilium/cilium/pull/44512, included in:\n\n- Cilium v1.19.2\n- Cilium v1.18.8\n- Cilium v1.17.14\n\n### Workarounds\n\nThere is no known workaround to this issue.\n\n### Acknowledgements\n\nThe Cilium community has worked together with members of Isovalent to prepare these mitigations. Special thanks to [moemen](https://github.com/moemen) for reporting the issue and [0xch4z](https://github.com/0xch4z) for their work on triaging and remediating this issue.\n\n### For more information\n\nIf there are any questions or comments about this advisory, please reach out on [Slack (https://docs.cilium.io/en/latest/community/community/).\n\nIf anyone thinks they have found a vulnerability affecting Cilium, it is strongly encouraged to report it to the security mailing list at [security@cilium.io](mailto:security@cilium.io). This is a private mailing list for the Cilium security team, and the report will be treated as a top priority.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "Go",
21+
"name": "github.com/cilium/cilium"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "1.19.0"
29+
},
30+
{
31+
"fixed": "1.19.2"
32+
}
33+
]
34+
}
35+
]
36+
},
37+
{
38+
"package": {
39+
"ecosystem": "Go",
40+
"name": "github.com/cilium/cilium"
41+
},
42+
"ranges": [
43+
{
44+
"type": "ECOSYSTEM",
45+
"events": [
46+
{
47+
"introduced": "1.18.0"
48+
},
49+
{
50+
"fixed": "1.18.8"
51+
}
52+
]
53+
}
54+
]
55+
},
56+
{
57+
"package": {
58+
"ecosystem": "Go",
59+
"name": "github.com/cilium/cilium"
60+
},
61+
"ranges": [
62+
{
63+
"type": "ECOSYSTEM",
64+
"events": [
65+
{
66+
"introduced": "0"
67+
},
68+
{
69+
"fixed": "1.17.14"
70+
}
71+
]
72+
}
73+
]
74+
}
75+
],
76+
"references": [
77+
{
78+
"type": "WEB",
79+
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-3fcv-jvfp-m4q9"
80+
},
81+
{
82+
"type": "WEB",
83+
"url": "https://github.com/cilium/cilium/pull/44512"
84+
},
85+
{
86+
"type": "PACKAGE",
87+
"url": "https://github.com/cilium/cilium"
88+
}
89+
],
90+
"database_specific": {
91+
"cwe_ids": [
92+
"CWE-862"
93+
],
94+
"severity": "CRITICAL",
95+
"github_reviewed": true,
96+
"github_reviewed_at": "2026-07-06T17:03:20Z",
97+
"nvd_published_at": null
98+
}
99+
}

0 commit comments

Comments
 (0)