CVE-2023-32731

Information leak in gRPC

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

NVD
RedHat

When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained in https://github.com/grpc/grpc/pull/33005 https://github.com/grpc/grpc/pull/33005

A flaw was found in gRPC. This flaw allows a remote attacker to obtain sensitive information, caused by a flaw when the gRPC HTTP2 stack raised a header size exceeded error. By sending a specially crafted request, an attacker can obtain sensitive information, and use this information to launch further attacks against the affected system.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-05-12 CVE Reserved
2023-06-09 CVE Published
2024-09-26 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-440: Expected Behavior Violation

CAPEC

CAPEC-220: Client-Server Protocol Manipulation

References (4)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://github.com/grpc/grpc/pull/32309	2023-06-15
https://github.com/grpc/grpc/pull/33005	2023-06-15

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2023-32731	2024-12-03
https://bugzilla.redhat.com/show_bug.cgi?id=2214463	2024-12-03

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Grpc Search vendor "Grpc"		Grpc Search vendor "Grpc" for product "Grpc"				>= 1.53.0 < 1.55.0 Search vendor "Grpc" for product "Grpc" and version " >= 1.53.0 < 1.55.0"		-		Affected