CVE-2023-27594

Name: CVE-2023-27594
Creator: NVD / NIST
Published: 2023-03-17T20:15:13.583+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.3/10EPSS 0.55%

Last modified Jun 17, 2026

CVE-2023-27594 is a high-severity vulnerability rated 7.3/10 on the CVSS scale. Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which Cilium is running. EPSS estimates a 0.55% chance of exploitation in the next 30 days.

Description

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which Cilium is running. As a consequence, network policies for that cluster might be bypassed, depending on the specific network policies enabled. This issue only manifests when Cilium is routing IPv6 traffic and NodePorts are used to route traffic to pods. IPv6 and endpoint routes are both disabled by default. The problem has been fixed and is available on versions 1.11.15, 1.12.8, and 1.13.1. As a workaround, disable IPv6 routing.

Metrics

CVSS 3.1

7.3/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS Probability

0.55%

41.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Cilium	Cilium	< 1.11.15
Cilium	Cilium	>= 1.12.0, < 1.12.8
Cilium	Cilium	>= 1.13.0, < 1.13.1

References

https://github.com/cilium/cilium/releases/tag/v1.11.15Third Party Advisory
https://github.com/cilium/cilium/releases/tag/v1.12.8Third Party Advisory
https://github.com/cilium/cilium/releases/tag/v1.13.1Third Party Advisory
https://github.com/cilium/cilium/security/advisories/GHSA-8fg8-jh2h-f2hcThird Party Advisory
https://github.com/cilium/cilium/releases/tag/v1.11.15Third Party Advisory
https://github.com/cilium/cilium/releases/tag/v1.12.8Third Party Advisory
https://github.com/cilium/cilium/releases/tag/v1.13.1Third Party Advisory
https://github.com/cilium/cilium/security/advisories/GHSA-8fg8-jh2h-f2hcThird Party Advisory

Timeline

Published: Mar 17, 2023
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2023-27594?

How severe is CVE-2023-27594?

CVE-2023-27594 has a CVSS score of 7.3/10 (HIGH severity). The EPSS model estimates a 0.55% probability of exploitation in the next 30 days.

How do I fix CVE-2023-27594?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-27594?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST