19Mar
CVE-2024-28249 | Cilium up to 1.13.12/1.14.7/1.15.1 IPsec missing encryption (GHSA-j89h-qrvr-xc36)
A vulnerability was found in Cilium up to 1.13.12/1.14.7/1.15.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component IPsec. The manipulation leads to missing encryption of sensitive data. This vulnerability is known as CVE-2024-28249. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.