CVE-2021-43824

Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions a crafted request crashes Envoy when a CONNECT request is sent to JWT filter configured with regex match. This provides a denial of service attack vector. The only workaround is to not use regex in the JWT filter. Users are advised to upgrade.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
GitHub_MCNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
VendorProductVersion
envoyproxyenvoy
𝑥
< 1.18.6
envoyproxyenvoy
1.19.0 ≤
𝑥
< 1.19.3
envoyproxyenvoy
1.20.0 ≤
𝑥
< 1.20.2
envoyproxyenvoy
1.21.0 ≤
𝑥
< 1.21.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/envoyproxy/envoy/commit/9371333230b1a6e1be2eccf4868771e11af6253a
https://github.com/envoyproxy/envoy/security/advisories/GHSA-vj5m-rch8-5r2p
https://github.com/envoyproxy/envoy/commit/9371333230b1a6e1be2eccf4868771e11af6253a
https://github.com/envoyproxy/envoy/security/advisories/GHSA-vj5m-rch8-5r2p