ISTIO-SECURITY-2023-003
CVEs reported by Envoy.
| Disclosure Details | |
|---|---|
| CVE(s) | CVE-2023-35941 CVE-2023-35942 CVE-2023-35943 CVE-2023-35944 |
| CVSS Impact Score | 8.6 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L |
| Affected Releases | All releases prior to 1.16.0 1.16.0 to 1.16.6 1.17.0 to 1.17.4 1.18.0 to 1.18.1 |
CVE
Envoy CVEs
- CVE-2023-35941: (CVSS Score 8.6, High): OAuth2 credentials exploit with permanent validity.
- CVE-2023-35942: (CVSS Score 6.5, Moderate): gRPC access log crash caused by the listener draining.
- CVE-2023-35943: (CVSS Score 6.3, Moderate): CORS filter segfault when origin header is removed.
- CVE-2023-35944: (CVSS Score 8.2, High): Incorrect handling of HTTP requests and responses with mixed case schemes in Envoy.
Am I Impacted?
You are impacted If you accept HTTP/2 traffic from untrusted sources, which applies to most users. This especially applies if you use a Gateway exposed on the public internet.