Description

When parsing HTTP/1.x header values, Envoy 1.9.0 and before does not reject embedded zero characters (NUL, ASCII 0x0). This allows remote attackers crafting header values containing embedded NUL characters to potentially bypass header matching rules, gaining access to unauthorized resources.

Remediation

References

CVE-2019-9900

Related Vulnerabilities

Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)

Atlassian Jira CVE-2021-39123 Vulnerability (CVE-2021-39123)

TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-3583)

WordPress Plugin WooCommerce-Store Toolkit Privilege Escalation (1.5.7)

b2evolution Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5910)

Severity

High

Classification

CVE-2019-9900 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities