Theoretical Request Smuggling Vulnerability in Envoy
CVE-2024-23326
8.2 HIGH
What is CVE-2024-23326?
A theoretical vulnerability exists in the Envoy proxy that allows for request smuggling if an attacker can manipulate the server into adding an 'Upgrade' header to its responses. This situation arises because Envoy incorrectly processes a 200 OK status code from a server when a protocol upgrade is expected, despite 200 not indicating a protocol switch per RFC 7230. The flaw can lead to serious security issues by allowing potentially malicious requests to bypass intended controls, making it imperative for users of Envoy to audit their configurations and apply necessary updates as advised by the security advisory.
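To make the flaw concrete, the following added example (not Envoy's code) contrasts a status-code-insensitive upgrade decision, modelling the behaviour described above, with the RFC-conformant one that only accepts 101 Switching Protocols; the two responses and the `classify` helper are constructed for illustration.

```python
# Added example, not Envoy code: decide whether an HTTP/1.1 response to an
# Upgrade request actually switches protocols. Per RFC 7230/7231 only
# 101 Switching Protocols does; a 200 carrying an Upgrade header is an
# ordinary HTTP response and must keep being parsed as HTTP, not treated as
# an opaque tunnel (the mistake that enables request smuggling).

def parse_response_head(raw: bytes):
    """Parse status code, headers and remaining body of a raw HTTP/1.1 response."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    _version, status, *_reason = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return int(status), headers, body

def header_tokens(headers, name):
    """Comma-separated header values as a lower-cased token set."""
    return {t.strip().lower() for v in headers.get(name, []) for t in v.split(",")}

def flawed_is_switch(status, headers):
    # Models the described flaw: trusts the Upgrade header whatever the status.
    return "upgrade" in header_tokens(headers, "connection") and bool(headers.get("upgrade"))

def rfc_is_switch(status, headers, requested_protocol):
    # Correct: only 101 switches, and only to a protocol the client requested.
    if status != 101:
        return False
    return requested_protocol.lower() in header_tokens(headers, "upgrade")

# Constructed samples: an upstream that answers 200 but echoes Upgrade headers,
# and a genuine 101 switch.
SAMPLE_200 = (b"HTTP/1.1 200 OK\r\nConnection: upgrade\r\nUpgrade: websocket\r\n"
              b"Content-Length: 2\r\n\r\nok")
SAMPLE_101 = (b"HTTP/1.1 101 Switching Protocols\r\nConnection: upgrade\r\n"
              b"Upgrade: websocket\r\n\r\n")

def classify(raw: bytes, requested: str = "websocket") -> dict:
    status, headers, _body = parse_response_head(raw)
    return {"status": status,
            "flawed_switch": flawed_is_switch(status, headers),
            "rfc_switch": rfc_is_switch(status, headers, requested)}

if __name__ == "__main__":
    for sample in (SAMPLE_200, SAMPLE_101):
        print(classify(sample))
```

The 200 response is the dangerous case: the flawed check would stop parsing HTTP on that connection, while the RFC check keeps it as a normal response.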
