Vulnerabilities > CVE-2020-8664 - Incorrect Authorization vulnerability in Cncf Envoy 1.13.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined validation context could lead to the “static” part of the validation context to be not applied, even though it was visible in the active config dump.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2020-2_0-0229_ENVOY.NASL description An update of the envoy package has been released. last seen 2020-04-30 modified 2020-04-22 plugin id 135867 published 2020-04-22 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135867 title Photon OS 2.0: Envoy PHSA-2020-2.0-0229 NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0734.NASL description Red Hat OpenShift Service Mesh 1.0.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Service Mesh is Red Hat last seen 2020-03-18 modified 2020-03-09 plugin id 134345 published 2020-03-09 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134345 title RHEL 8 : openshift (RHSA-2020:0734) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2020-1_0-0290_ENVOY.NASL description An update of the envoy package has been released. last seen 2020-05-03 modified 2020-04-29 plugin id 136105 published 2020-04-29 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136105 title Photon OS 1.0: Envoy PHSA-2020-1.0-0290
Redhat
advisories |
| ||||
rpms | servicemesh-proxy-0:1.0.9-2.el8 |