CVE-2024-28248

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Mar 18, 2024

Updated: Mar 19, 2024

CWE ID 693

Summary

CVE-2024-28248 is a vulnerability affecting Cilium, a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.13.9 and prior to 1.13.13, 1.14.8, and 1.15.2 of Cilium exhibit inconsistent application of HTTP policies, resulting in intermittent forwarding of HTTP traffic that should have been dropped. This issue poses a security risk and has been addressed through patches in versions 1.15.2, 1.14.8, and 1.13.13. No known workarounds exist for affected versions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uy0-sc
https://www.cve.org/CVERecord?id=CVE-2024-28248
https://nvd.nist.gov/vuln/detail/CVE-2024-28248

Back to Vulnerability Database

CVE-2024-28248

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations