CVE-2024-23324 — Improper Input Validation in Envoy

CWE-20 — Improper Input Validation2 documents2 sources

Severity

7.5HIGHNVD

EPSS

0.0%

top 89.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Envoyproxy Envoy

Timeline

PublishedFeb 9

Description

Envoy is a high-performance edge/middle/service proxy. External authentication can be bypassed by downstream connections. Downstream clients can force invalid gRPC requests to be sent to ext_authz, circumventing ext_authz checks when failure_mode_allow is set to true. This issue has been addressed in released 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5envoyproxy/envoy< 1.26.7+3

▶NVDenvoyproxy/envoy1.26.0 — 1.26.7+3

Patches

Patch: github.com ↗Patch: github.com ↗

📋Vendor Advisories

Red Hat

envoy: Ext auth can be bypassed when Proxy protocol filter sets invalid UTF-8 metadata↗2024-02-09

▶