Hi,
I allow myself to jump on this discussion.
That CVE report is about attacking a kubernetes cluster running Calico
(see the link in the `References to Advisories, Solutions, and Tools`
section in the NIST CVE). By default, calico doesn't require password
authentication for BGP connections.
00:00 2001
From: Radu Carpa
Date: Mon, 16 Jan 2023 17:50:07 +0100
Subject: [PATCH] allow setting the 'onlink' route attribute in filters
The main use-case is to build IP-IP overlay networks on linux.
Two routers (1.1.1.1 and 2.2.2.2) can peer directly over their
public interface, but
