CVE-2024-28248

HIGH Year: 2024
CVSS v3 Score
7.2
High
Weakness Type
CWE-693
View all →

Vulnerability Description

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being incorrectly and intermittently forwarded when it should be dropped. This issue has been patched in Cilium 1.15.2, 1.14.8, and 1.13.13. There are no known workarounds for this issue.

Related Vulnerabilities

CVE-2020-28396

HIGH
CVSS:7.3(High)

A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP-8021 (All versions < V16), SICAM A8000 CP-8022 (All versions < V16). A web server misconfiguration of th...

CWE-6932020

CVE-2020-7320

HIGH
CVSS:7.3(High)

Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local administrator to temporarily reduce the detection capability...

CWE-6932020

CVE-2024-0029

HIGH
CVSS:7.1(High)

In multiple files, there is a possible way to capture the device screen when disallowed by device policy due to a logic error in the code. This could lead to local escalation of privilege with no addi...

CWE-6932024

CVE-2017-2685

HIGH
CVSS:7.4(High)

Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 (including) and 2.0.6 (excluding) and between 3.0.4.00.032 (including) and 3.0.6 (excluding) contain a vulnerability that could allow a...

CWE-6932017

CVE-2025-0411

HIGH
CVSS:7.0(High)

7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is requir...

CWE-6932025