Cilium Hubble UI Cross-Origin Resource Sharing Misconfiguration Vulnerability

Vulnerability

A vulnerability exists in Cilium Hubble UI deployments due to an insecure default 'Access-Control-Allow-Origin' header. This issue affects Cilium versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4. The misconfiguration could lead to unauthorized exposure of sensitive Kubernetes cluster data, including node names, IP addresses, and metadata about workloads and networking configurations. Exploitation requires a user to visit a malicious webpage.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive configuration details of the monitored Kubernetes cluster, potentially including node names, IP addresses, and other workload and networking metadata.

Remediation

Users can upgrade to Cilium versions 1.14.19, 1.15.13, or 1.16.6 to address this vulnerability. For those using the Cilium Helm chart, the CORS headers can be removed from the Helm template.
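An audit check for this issue, added here as an example and not Cilium project code: it classifies the Access-Control-Allow-Origin header a Hubble UI endpoint returns, so a deployment can be verified before and after the upgrade or the Helm template change. The probe origin, the endpoint URL passed to `probe`, and the sample response headers are assumptions constructed for the example.

```python
import urllib.request

# Constructed origin standing in for a third-party web page (assumption).
PROBE_ORIGIN = "https://cors-check.example"

def classify_cors(headers, probe_origin=PROBE_ORIGIN):
    """Classify a response's CORS policy from its headers.

    'absent'     no Access-Control-Allow-Origin: browsers refuse cross-origin
                 reads, the safe state for Hubble UI
    'wildcard'   header is '*': any web page may read the response
    'reflected'  header echoes the requesting origin: equivalent to '*'
    'restricted' header names a fixed origin other than the probe
    '+credentials' is appended when Access-Control-Allow-Credentials: true
    is also set, which lets cookies ride along on a reflected origin.
    """
    lowered = {k.lower(): v.strip() for k, v in headers.items()}
    acao = lowered.get("access-control-allow-origin")
    if acao is None:
        return "absent"
    if acao == "*":
        verdict = "wildcard"
    elif acao == probe_origin:
        verdict = "reflected"
    else:
        verdict = "restricted"
    if lowered.get("access-control-allow-credentials", "").lower() == "true":
        verdict += "+credentials"
    return verdict

def is_exposed(headers, probe_origin=PROBE_ORIGIN):
    """True when a page on another origin could read this response."""
    return classify_cors(headers, probe_origin).split("+")[0] in ("wildcard", "reflected")

def probe(url, probe_origin=PROBE_ORIGIN, timeout=5.0):
    """GET a Hubble UI endpoint you operate with a foreign Origin and
    classify the reply. Needs network access; the samples below do not."""
    req = urllib.request.Request(url, headers={"Origin": probe_origin})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return classify_cors(dict(resp.headers.items()), probe_origin)

# Constructed sample responses for an affected and a fixed deployment
# (illustrative, not captured from a real Hubble UI).
AFFECTED = {"Content-Type": "application/json",
            "Access-Control-Allow-Origin": "*"}
FIXED = {"Content-Type": "application/json"}
```

Run `probe("http://<hubble-ui-host>/")` against your own deployment; anything other than `absent` or `restricted` means the misconfiguration is still present.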

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

  spread          4.5
  impact          2.5
  exploitability  6.7
  remediation     8.3
  relevance       0.0
  threat          3.2
  urgency         2.9
  incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.