ISTIO-SECURITY-2021-003
| Disclosure Details | |
|---|---|
| CVE(s) | CVE-2021-28683 CVE-2021-28682 CVE-2021-29258 |
| CVSS Impact Score | 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Affected Releases | All releases prior to 1.8.5 1.9.0 to 1.9.2 |
Envoy, and subsequently Istio, is vulnerable to several newly discovered vulnerabilities:
- CVE-2021-28683:
Envoy contains a remotely exploitable NULL pointer dereference and crash in TLS when an unknown TLS alert code is received.
- CVSS Score: 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2021-28682:
Envoy contains a remotely exploitable integer overflow in which a very large grpc-timeout value leads to unexpected timeout calculations.
- CVSS Score: 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2021-29258:
Envoy contains a remotely exploitable vulnerability where an HTTP2 request with an empty metadata map can cause Envoy to crash.
- CVSS Score: 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Reporting vulnerabilities
We’d like to remind our community to follow the vulnerability reporting process to report any bug that can result in a security vulnerability.