Vulnerability CVE-2022-21654

Vulnerability Name:

CVE-2022-21654 (CCN-220189)

Assigned:

2021-11-16

Published:

2022-02-22

Updated:

2022-03-03

Summary:

Envoy is an open source edge and service proxy, designed for cloud-native applications. Envoy's tls allows re-use when some cert validation settings have changed from their default configuration. The only workaround for this issue is to ensure that default tls settings are used. Users are advised to upgrade.

CVSS v3 Severity:

9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): None

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

8.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): None

Vulnerability Type:

CWE-295

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2022-21654

Source: XF
Type: UNKNOWN
envoy-cve202221654-weak-security(220189)

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/envoyproxy/envoy/commit/e9f936d85dc1edc34fabd0a1725ec180f2316353

Source: CCN
Type: Envoy GIT Repository
Incorrect configuration handling allows mTLS session re-use without re-validation after validation settings have changed

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://github.com/envoyproxy/envoy/security/advisories/GHSA-5j4x-g36v-m283

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2022-21654

Vulnerable Configuration:

Configuration 1:

cpe:/a:envoyproxy:envoy:*:*:*:*:*:*:*:* (Version >= 1.7.0 and < 1.18.6)

OR cpe:/a:envoyproxy:envoy:*:*:*:*:*:*:*:* (Version >= 1.19.0 and < 1.19.3)

OR cpe:/a:envoyproxy:envoy:*:*:*:*:*:*:*:* (Version >= 1.20.0 and < 1.20.2)

OR cpe:/a:envoyproxy:envoy:*:*:*:*:*:*:*:* (Version >= 1.21.0 and < 1.21.1)

Denotes that component is vulnerable

BACK