CVE-2024-25631

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Feb 20, 2024

CWE ID 311

Summary

CVE-2024-25631 is a cybersecurity vulnerability affecting Cilium, an eBPF-based networking, observability, and security solution. The issue arises when users enable external kvstore and Wireguard transparent encryption, leading to unencrypted traffic between pods within the affected Cilium cluster. This vulnerability exists in Cilium versions prior to v1.14.7. Unfortunately, there is no known workaround to mitigate this issue, making it crucial for users to apply the patch immediately to secure their clusters.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uc8RjB
https://www.cve.org/CVERecord?id=CVE-2024-25631
https://nvd.nist.gov/vuln/detail/CVE-2024-25631

Back to Vulnerability Database

CVE-2024-25631

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations