CVE-2024-45808 — Improper Output Neutralization for Logs in Envoy

CWE-117 — Improper Output Neutralization for Logs CWE-116 — Improper Encoding or Escaping of Output2 documents2 sources

Severity

6.5MEDIUMNVD

EPSS

0.1%

top 82.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Envoyproxy Envoy

Timeline

PublishedSep 20

Description

Envoy is a cloud-native high-performance edge/middle/service proxy. A vulnerability has been identified in Envoy that allows malicious attackers to inject unexpected content into access logs. This is achieved by exploiting the lack of validation for the `REQUESTED_SERVER_NAME` field for access loggers. This issue has been addressed in versions 1.31.2, 1.30.6, 1.29.9, and 1.28.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages2 packages

▶NVDenvoyproxy/envoy1.29.0 — 1.29.9+3

▶CVEListV5envoyproxy/envoy>= 1.29.0, < 1.29.9, >= 1.30.0, < 1.30.6, >= 1.31.0, < 1.31.2+2

📋Vendor Advisories

Red Hat

envoy: Malicious log injection via access logs↗2024-09-20

▶