Multiple vulnerabilities in CNCF Envoy



Published: 2020-03-09
Risk High
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2020-8664
CVE-2020-8661
CVE-2020-8660
CVE-2020-8659
CWE-ID CWE-284
CWE-400
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
envoy
Server applications / IDS/IPS systems, Firewalls and proxy servers

Vendor Cloud Native Computing Foundation

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Improper access control

EUVDB-ID: #VU25838

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-8664

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to sensitive information.

The vulnerability exists due to improper access restrictions when using SDS with Combined Validation Context. A remote attacker can use the same secret (e.g. trusted CA) across many resources together with the combined validation context and gain unauthorized access to the affected application

Mitigation

Install update from vendor's website.

Vulnerable software versions

envoy: 1.0.0 - 1.13.0


CPE2.3 External links

http://github.com/envoyproxy/envoy/security/advisories/GHSA-3x9m-pgmg-xpx8
http://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Resource exhaustion

EUVDB-ID: #VU25837

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-8661

CWE-ID: CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the affected software consumes excessive amounts of memory when responding internally to pipelined requests. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

envoy: 1.0.0 - 1.13.0


CPE2.3 External links

http://github.com/envoyproxy/envoy/security/advisories/GHSA-36cq-ww7h-p4j7
http://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

3) Improper access control

EUVDB-ID: #VU25836

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-8660

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass TLS inspector.

The vulnerability exists due to the TLS extensions (SNI, ALPN) are not inspected, those connections might been matched to a wrong filter chain. A remote attacker can bypass implemented security restrictions in the process and gain unauthorized access to the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

envoy: 1.0.0 - 1.13.0


CPE2.3 External links

http://github.com/envoyproxy/envoy/security/advisories/GHSA-c4g8-7grc-5wvx
http://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

4) Resource exhaustion

EUVDB-ID: #VU25835

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-8659

CWE-ID: CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the affected software consumes excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. 1 byte) chunks. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

envoy: 1.0.0 - 1.13.0


CPE2.3 External links

http://github.com/envoyproxy/envoy/security/advisories/GHSA-jwcm-4pwp-c2qv
http://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###