CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
AI Score
Confidence: High
EPSS
Percentile: 17.2%
github.com/envoyproxy/envoy is vulnerable to Authentication Bypass. Downstream clients can force invalid gRPC requests to ext_authz, thereby circumventing ext_authz checks when failure_mode_allow is set to true. As a result, external authentication is bypassed for downstream connections, which compromises the confidentiality of the system.
github.com/envoyproxy/envoy/commit/29989f6cc8bfd8cd2ffcb7c42711eb02c7a5168a
github.com/envoyproxy/envoy/commit/4795bf3e8e65e53561400f255f9fc783b4d27d14
github.com/envoyproxy/envoy/commit/c64d4cf11282f40646613b1c53a009b1b0317c52
github.com/envoyproxy/envoy/commit/e4a1a381c67f6c47ff3ed9238215bcc56b07b750
github.com/envoyproxy/envoy/commit/f65ace2963263f476a5330e73cbe69fb5a0cf4c8
github.com/envoyproxy/envoy/security/advisories/GHSA-gq3v-vvhj-96j6