The problem with _cfduid is that it is essentially a third-party cookie (even if it's set on your own domain).
So I think you are still required to inform users of the cookie usage, the purpose of the cookies and link to the relevant Cloudflare privacy/cookie policies.
They wanted to get rid of cookies as much as possible as that's part of their business plan (privacy). So they found a better CDN that didn't use cookies at all, so I'd say they made out like a bandit.
From what I understand functional cookies are excluded from the consent banner.