CVE-2020-25017Improper Access Control in Envoy

CWE-284Improper Access Control3 documents3 sources
Severity
8.3HIGHNVD
EPSS
0.1%
top 83.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Envoyproxy Envoy
Timeline
Latest updateSep 29
PublishedOct 1

Description

Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. Envoy’s setCopy() header map API does not replace all existing occurences of a non-inline header.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:LExploitability: 3.9 | Impact: 3.7

Affected Packages1 packages

NVDenvoyproxy/envoy1.13.01.13.4+3

📋Vendor Advisories

1
Red Hat
envoyproxy/envoy: incorrectly handles multiple HTTP headers in requests2020-09-29

💬Community

1
Bugzilla
CVE-2020-25017 envoyproxy/envoy: incorrectly handles multiple HTTP headers in requests2020-09-10
CVE-2020-25017 — Improper Access Control in Envoy | cvebase