Pio1006 / envoy

Cloud-native high-performance edge/middle/service proxy
https://www.envoyproxy.io
Apache License 2.0
0 stars 0 forks source link

CVE-2022-29226 (Critical) detected in envoy1.12.0-alpha.1, envoy1.12.0-alpha.1 #47

Open mend-for-github-com[bot] opened 5 months ago

mend-for-github-com[bot] commented 5 months ago

CVE-2022-29226 - Critical Severity Vulnerability

Vulnerable Libraries - envoy1.12.0-alpha.1, envoy1.12.0-alpha.1

Vulnerability Details

Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter implementation does not include a mechanism for validating access tokens, so by design when the HMAC signed cookie is missing a full authentication flow should be triggered. However, the current implementation assumes that access tokens are always validated thus allowing access in the presence of any access token attached to the request. Users are advised to upgrade. There is no known workaround for this issue.

Publish Date: 2022-06-09

URL: CVE-2022-29226

CVSS 3 Score Details (10.0)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Changed - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://github.com/envoyproxy/envoy/security/advisories/GHSA-h45c-2f94-prxh

Release Date: 2022-06-09

Fix Resolution: v1.21.3,v1.22.1