Clusters using Calico (version 3.22.1 and below), Calico Enterprise (version 3.12.0 and below), may be vulnerable to route hijacking with the floating IP feature. Due to insufficient validation, a privileged attacker may be able to set a floating IP annotation to a pod even if the feature is not enabled. This may allow the attacker to intercept and reroute traffic to their compromised pod.
References
Link | Resource |
---|---|
https://www.tigera.io/security-bulletins-tta-2022-001/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Tigera
Published: 2022-06-01T00:00:00
Updated: 2022-06-06T17:19:12
Reserved: 2022-03-30T00:00:00
Link: CVE-2022-28224
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-06-06T18:15:09.360
Modified: 2022-06-14T15:32:32.217
Link: CVE-2022-28224
JSON object: View
Redhat Information
No data.