Description

Envoy is a cloud-native, open source edge and service proxy. A theoretical request smuggling vulnerability exists through Envoy if a server can be tricked into adding an upgrade header into a response. Per RFC https://www.rfc-editor.org/rfc/rfc7230#section-6.7 a server sends 101 when switching protocols. Envoy incorrectly accepts a 200 response from a server when requesting a protocol upgrade, but 200 does not indicate protocol switch. This opens up the possibility of request smuggling through Envoy if the server can be tricked into adding the upgrade header to the response.

INFO

Published Date :

2024-06-04T20:05:48.230Z

Last Modified :

2024-08-01T22:59:32.189Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-23326 vulnerability.

Vendors Products
Envoyproxy
  • Envoy
Redhat
  • Service Mesh
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-23326.

URL Resource
https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c cve-icon cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-23326 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-23326 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact