CVE-2021-32777 — HIGH (8.6)

Q: How severe is CVE-2021-32777?

CVE-2021-32777 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-32777?

Check the references section above for vendor advisories and patch information. Affected products include: Envoyproxy Envoy.

Vulnerability Description

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions when ext-authz extension is sending request headers to the external authorization service it must merge multiple value headers according to the HTTP spec. However, only the last header value is sent. This may allow specifically crafted requests to bypass authorization. Attackers may be able to escalate privileges when using ext-authz extension or back end service that uses multiple value headers for authorization. A specifically constructed request may be delivered by an untrusted downstream peer in the presence of ext-authz extension. Envoy versions 1.19.1, 1.18.4, 1.17.4, 1.16.5 contain fixes to the ext-authz extension to correctly merge multiple request header values, when sending request for authorization.

CVSS Score

8.6

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Envoyproxy	Envoy	>= 1.16.0, < 1.16.5

Related Weaknesses (CWE)

CWE-863 CWE-551

References

https://github.com/envoyproxy/envoy/security/advisories/GHSA-6g4j-5vrw-2m8hThird Party Advisory
https://www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_historyRelease NotesVendor Advisory
https://github.com/envoyproxy/envoy/security/advisories/GHSA-6g4j-5vrw-2m8hThird Party Advisory
https://www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_historyRelease NotesVendor Advisory

FAQ

What is CVE-2021-32777?

CVE-2021-32777 is a vulnerability with a CVSS score of 8.6 (HIGH). Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions when ext-authz extension is sending request headers to the externa...

How severe is CVE-2021-32777?

CVE-2021-32777 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-32777?

Check the references section above for vendor advisories and patch information. Affected products include: Envoyproxy Envoy.