// For flags

CVE-2022-21654

Incorrect configuration handling allows TLS session re-use without re-validation in Envoy

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Envoy is an open source edge and service proxy, designed for cloud-native applications. Envoy's tls allows re-use when some cert validation settings have changed from their default configuration. The only workaround for this issue is to ensure that default tls settings are used. Users are advised to upgrade.

Envoy es un proxy de borde y servicio de código abierto, diseñado para aplicaciones nativas de la nube. El tls de Envoy permite la reutilización cuando algunos ajustes de validación de cert han cambiado de su configuración por defecto. La única medida de mitigación para este problema es asegurarse de que es usada la configuración tls por defecto. Es recomendado a usuarios actualizar

A flaw was found in envoy. When certificate validation settings are changed, incorrect configuration handling allows TLS session reuse without revalidation.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
Low
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-11-16 CVE Reserved
  • 2022-02-22 CVE Published
  • 2024-08-03 CVE Updated
  • 2024-11-07 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-295: Improper Certificate Validation
  • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Envoyproxy
Search vendor "Envoyproxy"
Envoy
Search vendor "Envoyproxy" for product "Envoy"
>= 1.7.0 < 1.18.6
Search vendor "Envoyproxy" for product "Envoy" and version " >= 1.7.0 < 1.18.6"
-
Affected
Envoyproxy
Search vendor "Envoyproxy"
Envoy
Search vendor "Envoyproxy" for product "Envoy"
>= 1.19.0 < 1.19.3
Search vendor "Envoyproxy" for product "Envoy" and version " >= 1.19.0 < 1.19.3"
-
Affected
Envoyproxy
Search vendor "Envoyproxy"
Envoy
Search vendor "Envoyproxy" for product "Envoy"
>= 1.20.0 < 1.20.2
Search vendor "Envoyproxy" for product "Envoy" and version " >= 1.20.0 < 1.20.2"
-
Affected
Envoyproxy
Search vendor "Envoyproxy"
Envoy
Search vendor "Envoyproxy" for product "Envoy"
>= 1.21.0 < 1.21.1
Search vendor "Envoyproxy" for product "Envoy" and version " >= 1.21.0 < 1.21.1"
-
Affected