漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Unencrypted traffic between pods when using Wireguard and an external kvstore
Vulnerability Description
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who have enabled an external kvstore and Wireguard transparent encryption, traffic between pods in the affected cluster is not encrypted. This issue affects Cilium v1.14 before v1.14.7 and has been patched in Cilium v1.14.7. There is no workaround to this issue.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
敏感数据加密缺失
Vulnerability Title
Cilium 安全漏洞
Vulnerability Description
Cilium是一个开源软件。用于提供和透明地保护应用程序工作负载(如应用程序容器或进程)之间的网络连接和负载平衡。 Cilium v1.14.7之前版本存在安全漏洞,该漏洞源于受影响集群中 pod 之间的流量不会加密。
CVSS Information
N/A
Vulnerability Type
N/A