GitHub_MCVELIST:CVE-2023-27491CVE-2023-27491 Envoy forwards invalid Http2/Http3 downstream headers
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
9.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
43.6%
Envoy is an open source edge and service proxy designed for cloud-native applications. Compliant HTTP/1 service should reject malformed request lines. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, There is a possibility that non compliant HTTP/1 service may allow malformed requests, potentially leading to a bypass of security policies. This issue is fixed in versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9.
CNA Affected
[
{
"vendor": "envoyproxy",
"product": "envoy",
"versions": [
{
"version": ">= 1.25.0, < 1.25.3",
"status": "affected"
},
{
"version": ">= 1.24.0, < 1.24.4",
"status": "affected"
},
{
"version": ">= 1.23.0, < 1.23.6",
"status": "affected"
},
{
"version": "< 1.22.9",
"status": "affected"
}
]
}
]Related
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
9.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
43.6%