CVE-2023-27496

CVE Details

Release Date:2023-04-04

Description


Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the OAuth filter assumes that a state query param is present on any response that looks like an OAuth redirect response. Sending it a request with the URI path equivalent to the redirect path, without the state parameter, will lead to abnormal termination of Envoy process. Versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9 contain a patch. The issue can also be mitigated by locking down OAuth traffic, disabling the filter, or by filtering traffic before it reaches the OAuth filter (e.g. via a lua script).

See more information about CVE-2023-27496 from MITRE CVE dictionary and NIST NVD


CVSS v3.0 metrics


NOTE: The following CVSS v3.0 metrics and score provided are preliminary and subject to review.

Base Score: 7.5 Base Metrics: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Vector: Network Attack Complexity: Low
Privileges Required: None User Interaction: None
Scope: Unchanged Confidentiality Impact: None
Integrity Impact: None Availability Impact: High

Errata information


PlatformErrataRelease Date
Oracle Linux version 7 (istio)ELSA-2023-123552023-06-02
Oracle Linux version 7 (istio)ELSA-2023-123572023-06-02
Oracle Linux version 7 (kubernetes)ELSA-2023-123552023-06-02
Oracle Linux version 7 (kubernetes)ELSA-2023-123572023-06-02
Oracle Linux version 7 (olcne)ELSA-2023-123552023-06-02
Oracle Linux version 7 (olcne)ELSA-2023-123572023-06-02
Oracle Linux version 7 (olcne)ELSA-2023-236492023-06-02
Oracle Linux version 8 (istio)ELSA-2023-123542023-06-02
Oracle Linux version 8 (istio)ELSA-2023-123562023-06-02
Oracle Linux version 8 (kubernetes)ELSA-2023-123542023-06-02
Oracle Linux version 8 (kubernetes)ELSA-2023-123562023-06-02
Oracle Linux version 8 (olcne)ELSA-2023-123542023-06-02
Oracle Linux version 8 (olcne)ELSA-2023-123562023-06-02
Oracle Linux version 8 (olcne)ELSA-2023-236482023-06-02



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete