VDB
CVE-2025-23047
CVE-2025-23047
PUBLISHED
CVSS 6.5 MEDIUM
Cilium vulnerable to information leakage via insecure default Hubble UI CORS header
EPSS 0.05% · 17.7th percentile
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
0.05%
17.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cilium | cilium | |
| Bitnami | cilium-operator | 1.15.4, 1.15.4, 1.15.4 |
| Bitnami | cilium | 1.14.0, 1.14.0, 1.14.0 |
| Bitnami | cilium-operator | 1.15.4 |
| Bitnami | cilium | 1.14.0 |
| Bitnami | hubble-relay | 1.14.0, 1.14.0, 1.14.0 |
Exploit Intelligence
- CIRCL seen: CVE-2025-23047 (circl-sighting)
- CIRCL seen: CVE-2025-23047 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2025-23047 (circl-sighting)
- CIRCL seen: CVE-2025-23047 (circl-sighting)
- https://github.com/cilium/cilium/security/advisories/GHSA-h78m-j95m-5356 (circl)
- https://github.com/cilium/cilium/commit/a3489f190ba6e87b5336ee685fb6c80b1270d06d (circl)
- version.go (github-poc)
- version.go (github-poc)
- version.go (github-poc)
- version.go (github-poc)
…and 6 more exploits
Timeline
- Jan 21, 1970 Security Advisory
- Jan 22, 2025 CVE Published
- Jan 22, 2025 PoC Published
- Jan 22, 2025 PoC Published
- Jan 22, 2025 PoC Published
- Jan 22, 2025 PoC Published
- Jan 23, 2025 EPSS Score
- Feb 7, 2025 EPSS Score
- Feb 22, 2025 EPSS Score
- Mar 10, 2025 EPSS Score
- Mar 20, 2025 Coalition ESS Score
- Mar 25, 2025 EPSS Score