+ "details": "### Impact\n\nWhen Cilium L7 functionality is enabled on a cluster, the Envoy instance supporting this functionality creates a world-accessible socket on cluster nodes. A local attacker would be able to access Envoy admin endpoints. Depending on deployment configuration, this can expose sensitive information or allow disruptive administrative operations, such as:\n\n- Exposing TLS secrets\n- Disrupting traffic in the cluster\n- Terminating the Envoy process \n\nThis issue affects both the embedded and standalone Envoy deployment models.\n\n### Patches\n\nThis issue affects:\n\n- Cilium v1.19 between v1.19.0 and v1.19.1 inclusive\n- Cilium v1.18 between v1.18.0 and v1.18.7 inclusive\n- All versions of Cilium prior to v1.17.14\n\nThis issue has been patched in https://github.com/cilium/cilium/pull/44512, included in:\n\n- Cilium v1.19.2\n- Cilium v1.18.8\n- Cilium v1.17.14\n\n### Workarounds\n\nThere is no known workaround to this issue.\n\n### Acknowledgements\n\nThe Cilium community has worked together with members of Isovalent to prepare these mitigations. Special thanks to [moemen](https://github.com/moemen) for reporting the issue and [0xch4z](https://github.com/0xch4z) for their work on triaging and remediating this issue.\n\n### For more information\n\nIf there are any questions or comments about this advisory, please reach out on [Slack (https://docs.cilium.io/en/latest/community/community/).\n\nIf anyone thinks they have found a vulnerability affecting Cilium, it is strongly encouraged to report it to the security mailing list at [security@cilium.io](mailto:security@cilium.io). This is a private mailing list for the Cilium security team, and the report will be treated as a top priority.",
0 commit comments