Lucene search
Symantec Security ResponseSMNTC-110848HistoryNov 11, 2019 - 12:00 a.m.
Envoy CVE-2019-18836 Remote Denial of Service Vulnerability
2019-11-1100:00:00
Symantec Security Response
www.symantec.com
12
Description
Envoy is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause denial of service conditions.
Technologies Affected
- Envoy Envoy 1.12.0
- Istio Istio 1.3.0
- Istio Istio 1.3.1
- Istio Istio 1.3.2
- Istio Istio 1.3.3
Recommendations
Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, block access at the network perimeter to computers running the vulnerable application
Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity such as unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.
Updates are available. Please see the references for more information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| istio istio | eq | 1.3.2 | |
| istio istio | eq | 1.3.3 | |
| istio istio | eq | 1.3.1 | |
| envoy envoy | eq | 1.12.0 | |
| istio istio | eq | 1.3.0 |
Related
cvelist
cvelist
CVE-2019-18836
2019-11-11 00:17:35
CVE-2019-18817
2019-11-12 14:01:26
cve
cve
CVE-2019-18836
2019-11-11 01:15:00
CVE-2019-18817
2019-11-12 14:15:00
prion
prion
Design/Logic Flaw
2019-11-11 01:15:00
Sql injection
2019-11-12 14:15:00
osv
osv
CVE-2019-18836
2019-11-11 01:15:10
CVE-2019-18817
2019-11-12 14:15:11
Istio vulnerable to denial of service
2022-05-24 22:01:14
redhatcve
redhatcve
CVE-2019-18836
2019-11-11 09:22:44
github
github
Istio vulnerable to denial of service
2022-05-24 22:01:14
nessus
nessus
Photon OS 2.0: Envoy PHSA-2020-2.0-0229
2020-04-22 00:00:00
Photon OS 1.0: Envoy PHSA-2020-1.0-0290
2020-04-29 00:00:00
photon
photon
Related for SMNTC-110848