REDHAT-BUG-2179135
First published: Thu Mar 16 2023(Updated: )
The header x-envoy-original-path should be an internal header, but Envoy does not remove this header from the request at the beginning of request processing when it is sent from an untrusted client. The faked header would then be used for trace logs and grpc logs, as well as used in the URL used for jwt_authn checks if the jwt_authn filter is used, and any other upstream use of the x-envoy-original-path header.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Envoy Proxy |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-2179135?
The severity of REDHAT-BUG-2179135 is classified as high due to potential impact on application security.
How do I fix REDHAT-BUG-2179135?
To fix REDHAT-BUG-2179135, ensure that you update Envoy to the latest patched version that addresses the vulnerability.
What are the risks associated with REDHAT-BUG-2179135?
The risks associated with REDHAT-BUG-2179135 include exposure of sensitive information and potential exploitation by malicious actors.
Which versions of Envoy are affected by REDHAT-BUG-2179135?
REDHAT-BUG-2179135 affects several versions of Envoy, so all instances should be evaluated for risk.
Is there a workaround for REDHAT-BUG-2179135?
A temporary workaround for REDHAT-BUG-2179135 involves removing the x-envoy-original-path header from requests if possible.
- agent/references
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-27487
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/envoy
- canonical/envoy proxy