What is CVE-2021-32777?

CVE-2021-32777 is a vulnerability in Envoy, an open source L7 proxy and communication bus, that allows an attacker to bypass authorization checks.

How does CVE-2021-32777 work?

In affected versions of Envoy, when the ext-authz extension sends request headers to the external authorization service, it does not correctly merge multiple value headers according to the HTTP specification, allowing an attacker to bypass authorization checks.

What is the severity of CVE-2021-32777?

CVE-2021-32777 has a severity rating of 8.3 out of 10, indicating a high-risk vulnerability.

Which versions of Envoy are affected by CVE-2021-32777?

Envoy versions 1.16.0 to 1.16.5, 1.17.0 to 1.17.4, 1.18.0 to 1.18.4, and 1.19.0 are affected by CVE-2021-32777.

How can I fix CVE-2021-32777?

To fix CVE-2021-32777, upgrade to a version of Envoy that is not affected (e.g., 1.19.1 or newer) and follow the guidance provided by the Envoy project.

Vulnerability/
CVE-2021-32777

high

8.6

CWE

863 551

24/8/2021

15/6/2022

CVE-2021-32777

First published: Tue Aug 24 2021(Updated: )

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions when ext-authz extension is sending request headers to the external authorization service it must merge multiple value headers according to the HTTP spec. However, only the last header value is sent. This may allow specifically crafted requests to bypass authorization. Attackers may be able to escalate privileges when using ext-authz extension or back end service that uses multiple value headers for authorization. A specifically constructed request may be delivered by an untrusted downstream peer in the presence of ext-authz extension. Envoy versions 1.19.1, 1.18.4, 1.17.4, 1.16.5 contain fixes to the ext-authz extension to correctly merge multiple request header values, when sending request for authorization.

Credit: security-advisories@github.com

Affected Software	Affected Version	How to fix
Envoyproxy Envoy	>=1.16.0<1.16.5
Envoyproxy Envoy	>=1.17.0<1.17.4
Envoyproxy Envoy	>=1.18.0<1.18.4
Envoyproxy Envoy	=1.19.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2021-32777?
CVE-2021-32777 is a vulnerability in Envoy, an open source L7 proxy and communication bus, that allows an attacker to bypass authorization checks.
How does CVE-2021-32777 work?
In affected versions of Envoy, when the ext-authz extension sends request headers to the external authorization service, it does not correctly merge multiple value headers according to the HTTP specification, allowing an attacker to bypass authorization checks.
What is the severity of CVE-2021-32777?
CVE-2021-32777 has a severity rating of 8.3 out of 10, indicating a high-risk vulnerability.
Which versions of Envoy are affected by CVE-2021-32777?
Envoy versions 1.16.0 to 1.16.5, 1.17.0 to 1.17.4, 1.18.0 to 1.18.4, and 1.19.0 are affected by CVE-2021-32777.
How can I fix CVE-2021-32777?
To fix CVE-2021-32777, upgrade to a version of Envoy that is not affected (e.g., 1.19.1 or newer) and follow the guidance provided by the Envoy project.

collector/nvd-index
vendor/envoyproxy
canonical/envoyproxy envoy
version/envoyproxy envoy/1.16.0
version/envoyproxy envoy/1.17.0
version/envoyproxy envoy/1.18.0
version/envoyproxy envoy/1.19.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.