CVE-2025-24030 | Envoy Gateway up to 1.2.5 Kubernetes Cluster unprotected primary channel (GHSA-j777-63hf-hx76)

Posted by Angelo Barbosa | Jan 23, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in Envoy Gateway up to 1.2.5. This issue affects some unknown processing of the component Kubernetes Cluster Handler. The manipulation leads to unprotected primary channel.

The identification of this vulnerability is CVE-2025-24030. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-24030 | Envoy Gateway up to 1.2.5 Kubernetes Cluster unprotected primary channel (GHSA-j777-63hf-hx76)

Related Posts

CVE-2024-34461 | Zenario Twig Snippet Plugin prior 9.5.60437 HEAD/BODY Privilege Escalation

CVE-2023-50442 | PRIMX ZONECENTRAL up to 2023.5 cleartext storage

CVE-2024-1605 | BMC Control-M prior 9.0.20.238/9.0.21.201 DLL access control

CVE-2024-10434 | Tenda AC1206 up to 20241027 /goform/ate ate_Tenda_mfg_check_usb/ate_Tenda_mfg_check_usb3 arg stack-based overflow