Calico · CVE-2022-28224
**Name of the Vulnerable Software and Affected Versions**
Calico versions 3.22.1 and below
Calico Enterprise versions 3.12.0 and below
**Description**
The floating IP feature does not sufficiently validate the pod annotation that requests a floating IP. As a result, a privileged attacker (one with permission to create pods or update pod annotations) can set the floating IP annotation on a pod even when the feature has not been enabled in the cluster, and Calico will still program routes for that address. Traffic destined for the chosen IP is then delivered to the attacker's pod, allowing it to be intercepted and rerouted (route hijacking).
**Recommendations**
For Calico versions 3.22.1 and below and Calico Enterprise versions 3.12.0 and below, upgrade to a release that contains the fix as soon as one is available for your branch. Note that simply leaving the floating IP feature disabled is not a mitigation: the flaw is precisely that the annotation is honored even when the feature is off.
Until you can upgrade, restrict who can set the floating IP annotation (`cni.projectcalico.org/floatingIPs`): limit RBAC permissions to create or update pods (and to patch their annotations) to trusted principals, and enforce an admission policy that rejects pods carrying the annotation unless they come from an allowlisted identity. Audit existing pods for the annotation as well, since a pod annotated before the policy was installed keeps its hijacked route.
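The admission check described above, written out as an added example that is not part of this advisory or of the Calico project's code. It parses an `admission.k8s.io/v1` AdmissionReview for a pod and denies CREATE or UPDATE requests that carry the `cni.projectcalico.org/floatingIPs` annotation unless the requesting user is on an allowlist; the allowlisted service account name, the `Validate` function and the sample reviews are assumptions constructed for the example, and the HTTP webhook server that would wrap `Validate` is left out.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// floatingIPAnnotation is the Calico pod annotation that requests a floating IP.
const floatingIPAnnotation = "cni.projectcalico.org/floatingIPs"

// allowedUsers lists principals permitted to set the annotation.
// Hypothetical allowlist: adjust to whatever controller legitimately manages floating IPs.
var allowedUsers = map[string]bool{
	"system:serviceaccount:networking:floating-ip-controller": true,
}

// admissionReview models only the subset of AdmissionReview that the check needs.
type admissionReview struct {
	Request *struct {
		UID       string `json:"uid"`
		Operation string `json:"operation"`
		Namespace string `json:"namespace"`
		UserInfo  struct {
			Username string `json:"username"`
		} `json:"userInfo"`
		Object struct {
			Metadata struct {
				Name        string            `json:"name"`
				Annotations map[string]string `json:"annotations"`
			} `json:"metadata"`
		} `json:"object"`
	} `json:"request"`
}

// Decision is what a webhook would place into AdmissionReview.response.
type Decision struct {
	Allowed bool
	Message string
}

// Validate inspects one AdmissionReview and decides whether the pod may carry
// the floating IP annotation. Malformed input is an error so the caller can fail closed.
func Validate(raw []byte) (Decision, error) {
	var rev admissionReview
	if err := json.Unmarshal(raw, &rev); err != nil {
		return Decision{}, fmt.Errorf("decode AdmissionReview: %w", err)
	}
	if rev.Request == nil {
		return Decision{}, fmt.Errorf("AdmissionReview has no request")
	}
	req := rev.Request
	val, present := req.Object.Metadata.Annotations[floatingIPAnnotation]
	if !present {
		return Decision{Allowed: true}, nil // nothing floating-IP related, let it through
	}
	if allowedUsers[req.UserInfo.Username] {
		return Decision{Allowed: true}, nil
	}
	return Decision{
		Allowed: false,
		Message: fmt.Sprintf("%s of pod %s/%s by %s denied: annotation %s=%q is restricted",
			req.Operation, req.Namespace, req.Object.Metadata.Name,
			req.UserInfo.Username, floatingIPAnnotation, val),
	}, nil
}

// Constructed sample reviews (not real cluster traffic) used below and in tests.
const deniedReview = `{"apiVersion":"admission.k8s.io/v1","kind":"AdmissionReview","request":{
  "uid":"0001","operation":"UPDATE","namespace":"default",
  "userInfo":{"username":"system:serviceaccount:default:app"},
  "object":{"metadata":{"name":"web-0",
    "annotations":{"cni.projectcalico.org/floatingIPs":"[\"10.0.0.1\"]"}}}}}`

const allowedReview = `{"apiVersion":"admission.k8s.io/v1","kind":"AdmissionReview","request":{
  "uid":"0002","operation":"CREATE","namespace":"networking",
  "userInfo":{"username":"system:serviceaccount:networking:floating-ip-controller"},
  "object":{"metadata":{"name":"ingress-0",
    "annotations":{"cni.projectcalico.org/floatingIPs":"[\"10.0.0.2\"]"}}}}}`

const plainReview = `{"apiVersion":"admission.k8s.io/v1","kind":"AdmissionReview","request":{
  "uid":"0003","operation":"CREATE","namespace":"default",
  "userInfo":{"username":"system:serviceaccount:default:app"},
  "object":{"metadata":{"name":"worker-0","annotations":{"app":"worker"}}}}}`

func main() {
	for _, r := range []string{deniedReview, allowedReview, plainReview} {
		d, err := Validate([]byte(r))
		if err != nil {
			fmt.Println("error:", err)
			continue
		}
		fmt.Printf("allowed=%v %s\n", d.Allowed, d.Message)
	}
}
```

Register the check for both CREATE and UPDATE on pods: an attacker who can patch an existing pod's annotations would otherwise bypass a CREATE-only rule. Run it with `failurePolicy: Fail` so that a webhook outage does not silently let the annotation through.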