Disclosure Details CVE(s) CVE-2023-27496 CVE-2023-27488 CVE-2023-27493 CVE-2023-27492 CVE-2023-27491 CVE-2023-27487 CVSS Impact Score 8.2 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N Affected Releases All releases prior to 1.15.0 1.15.0 to 1.15.6 1.16.0 to 1.16.3 1.17.0 to 1.17.1 CVE Envoy CVEs CVE-2023-27487: (CVSS Score 8.2, High): Client may fake the header x-envoy-original-path. CVE-2023-27488: (CVSS Score 5.4, Moderate): gRPC client produces invalid protobuf when an HTTP header with non-UTF8 value is received. CVE-2023-27491: (CVSS Score 5.4, Moderate): Envoy forwards invalid HTTP/2 and HTTP/3 downstream headers. CVE-2023-27492: (CVSS Score 4.8, Moderate): Crash when a large request body is processed in Lua filter. CVE-2023-27493: (CVSS Score 8.1, High): Envoy doesn’t escape HTTP header values. CVE-2023-27496: (CVSS Score 6.5, Moderate): Crash when a redirect url without a state parameter is received in the OAuth filter. Am I Impacted? You may be at risk if you have an Istio gateway or if you use external istiod.

The OpenSSL Project team announced two HIGH severity vulnerabilities (CVE-2022-3602, CVE-2022-3786) on Oct. 25, which affect all OpenSSL v3 versions... The post 5 Steps to Stop the Latest OpenSSL Vulnerabilities: CVE-2022-3602, CVE-2022-3786 appeared first on Sysdig.

TeamTNT is a prevalent threat actor who has been targeting cloud and virtual environments such as Kubernetes and Docker since... The post Threat news: TeamTNT targeting misconfigured kubelet appeared first on Sysdig.

We take a look at a WordPress plugin, abandoned and open to JavaScript related exploitation. Uninstall it now! The post Warning for WordPress admins: uninstall the Modern WPBakery plugin immediately! appeared first on Malwarebytes Labs.

Containers provide a number of security features that are not simply available on a normal host. One of those is... The post Compromising Read-Only Containers with Fileless Malware appeared first on Sysdig.

CVE-2022-1096 is yet another zero day vulnerability affecting web browsers. Cloudflare zero trust mitigates the risk of zero day attacks in the browser and has been patched

Today, researchers found a new HIGH vulnerability on the famous Spring Cloud Function leading to remote code execution (RCE). The... The post Detecting and Mitigating CVE-2022-22963: Spring Cloud RCE Vulnerability appeared first on Sysdig.

Linux maintainers disclosed a privilege escalation vulnerability in the Linux Kernel. The vulnerability has been issued a Common Vulnerability and... The post CVE-2022-0492: Privilege escalation vulnerability causing container escape appeared first on Sysdig.

Disclosure Details CVE(s) CVE-2022-23635 CVE-2021-43824 CVE-2021-43825 CVE-2021-43826 CVE-2022-21654 CVE-2022-21655 CVE-2022-23606 CVSS Impact Score 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Releases All releases prior to 1.11.0 1.11.0 to 1.11.6 1.12.0 to 1.12.3 1.13.0 CVE CVE-2022-23635 CVE-2022-23635: (CVSS Score 7.5, High): Unauthenticated control plane denial of service attack. The Istio control plane, istiod, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing. This endpoint is served over TLS port 15012, but does not require any authentication from the attacker. For simple installations, istiod is typically only reachable from within the cluster, limiting the blast radius. However, for some deployments, especially multicluster topologies, this port is exposed over the public internet. Envoy CVEs At this time it is not believed that Istio is vulnerable to these CVEs in Envoy. They are listed, however, to be transparent. CVE ID Score, Rating Description Fixed in 1.13.1 Fixed in 1.12.4 Fixed in 1.11.7 CVE-2021-43824 6.5, Medium Potential null pointer dereference when using JWT filter safe_regex match. Yes Yes Yes CVE-2021-43825 6.1, Medium Use-after-free when response filters increase response data, and increased data exceeds downstream buffer limits. Yes Yes Yes CVE-2021-43826 6.1, Medium Use-after-free when tunneling TCP over HTTP, if downstream disconnects during upstream connection establishment. Yes Yes Yes CVE-2022-21654 7.3, High Incorrect configuration handling allows mTLS session re-use without re-validation after validation settings have changed. Yes Yes Yes CVE-2022-21655 7.5, High Incorrect handling of internal redirects to routes with a direct response entry. Yes Yes Yes CVE-2022-23606 4.4, Moderate Stack exhaustion when a cluster is deleted via Cluster Discovery Service. Yes Yes N/A CVE-2022-21656 3.1, Low X.509 subjectAltName matching (and nameConstraints) bypass. No, next release. No, next release. Envoy did not backport this fix. CVE-2022-21657 3.1, Low X.509 Extended Key Usage and Trust Purposes bypass No, next release. No, next release. No, next release. Am I Impacted? You are at most risk if you are running Istio in a multi-cluster environment, or if you have exposed your istiod externally. Credit We would like to thank Adam Korczynski (ADA Logics) and John Howard (Google) for the report and the fix.