Homepage
About Snyk

Improper Input Validation Affecting envoyproxy/envoy package, versions [,1.28.7) [1.29.0,1.29.9) [1.30.0,1.30.6) [1.31.0,1.31.2)

Severity

 Recommended
0.0
high
0
10

CVSS assessment made by Snyk's Security Team

    Threat Intelligence

    EPSS
    0.04% (11th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-UNMANAGED-ENVOYPROXYENVOY-8062350
  • published 20 Sep 2024
  • disclosed 19 Sep 2024
  • credit James Force
Report a new vulnerability Found a mistake?

Introduced: 19 Sep 2024

CVE-2024-7207 Open this link in a new tab
CWE-20 Open this link in a new tab

How to fix?

Upgrade envoyproxy/envoy to version 1.28.7, 1.29.9, 1.30.6, 1.31.2 or higher.

Overview

Affected versions of this package are vulnerable to Improper Input Validation through the manipulation of HTTP headers. An attacker can forge requests to internal-only services or arbitrary external systems by manipulating headers in pass-through routes used for the ingress gateway. This is only exploitable if the internal_address_config range for envoy is not set to 0.0.0.0/32.

Note:

This is a regression of the fix for CVE-2023-27487

Workaround

This vulnerability can be mitigated by setting the internal_address_config range for envoy to 0.0.0.0/32.

CVSS Scores

version 4.0
version 3.1
Expand this section

Snyk

Recommended
8.8 high
  • Attack Vector (AV)
    Network
  • Attack Complexity (AC)
    Low
  • Attack Requirements (AT)
    None
  • Privileges Required (PR)
    None
  • User Interaction (UI)
    None
  • Confidentiality (VC)
    High
  • Integrity (VI)
    Low
  • Availability (VA)
    None
  • Confidentiality (SC)
    None
  • Integrity (SI)
    None
  • Availability (SA)
    None