- Description
- Envoy is a cloud-native high-performance edge/middle/service proxy. A vulnerability has been identified in Envoy that allows malicious attackers to inject unexpected content into access logs. This is achieved by exploiting the lack of validation for the `REQUESTED_SERVER_NAME` field for access loggers. This issue has been addressed in versions 1.31.2, 1.30.6, 1.29.9, and 1.28.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 2.5
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C5E423BE-4022-47AB-A5D4-B218627517DD",
"versionEndExcluding": "1.28.7"
},
{
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E442EF13-A99D-42B9-BC76-AC398C32D132",
"versionEndExcluding": "1.29.9",
"versionStartIncluding": "1.29.0"
},
{
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9685C62-CFE4-43C5-B0C2-1C6722FB4F64",
"versionEndExcluding": "1.30.6",
"versionStartIncluding": "1.30.0"
},
{
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C765FFC0-2FF7-4318-A347-2AFCAD0E7C74",
"versionEndExcluding": "1.31.2",
"versionStartIncluding": "1.31.0"
}
],
"operator": "OR"
}
]
}
]