CVE-2019-18802
envoy: malformed request header may cause bypass of route matchers resulting in escalation of privileges or information disclosure
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from "header-value" so for example with the Host header "example.com " one could bypass "example.com" matchers.
Se detectó un problema en Envoy versión 1.12.0. Un cliente remoto no confiable puede enviar un encabezado HTTP (como Host) con espacios en blanco después del contenido del encabezado. Envoy tratará el "header-value " como una cadena diferente del "header-value", de modo que, por ejemplo, con el encabezado Host "example.com " se podrían omitir los comparadores de "example.com".
A flaw was found in envoy. A malformed request header may cause route matchers or access controls to be bypassed, resulting in escalation of privileges or information disclosure. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-11-07 CVE Reserved
- 2019-12-12 CVE Published
- 2023-11-08 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-284: Improper Access Control
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
https://blog.envoyproxy.io | Product | |
https://groups.google.com/forum/#%21forum/envoy-users | X_refsource_misc |
URL | Date | SRC |
---|---|---|
https://github.com/envoyproxy/envoy/security/advisories/GHSA-356m-vhw2-wcm4 | 2024-08-05 |
URL | Date | SRC |
---|---|---|
https://github.com/envoyproxy/envoy/commits/master | 2023-11-07 |
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00034.html | 2023-11-07 | |
https://access.redhat.com/security/cve/CVE-2019-18802 | 2019-12-11 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1773447 | 2019-12-11 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Envoyproxy Search vendor "Envoyproxy" | Envoy Search vendor "Envoyproxy" for product "Envoy" | <= 1.12.1 Search vendor "Envoyproxy" for product "Envoy" and version " <= 1.12.1" | - |
Affected
|