CVE-2023-27493

Name of the Vulnerable Software and Affected Versions Envoy versions prior to 1.26.0 Envoy versions prior to 1.25.3 Envoy versions prior to 1.24.4 Envoy versions prior to 1.23.6 Envoy versions prior to 1.22.9

Description The issue is related to the insufficient sanitization of request properties when generating request headers in Envoy, an open source edge and service proxy. This can lead to characters that are illegal in header values being sent to the upstream service, potentially causing the upstream service to interpret the original request as two pipelined requests and bypassing the intent of Envoy's security policy. The problem can be exploited by a remote attacker to send hidden HTTP requests, also known as HTTP Request Smuggling attacks.

Recommendations For versions prior to 1.26.0, update to version 1.26.0 or later. For versions prior to 1.25.3, update to version 1.25.3 or later. For versions prior to 1.24.4, update to version 1.24.4 or later. For versions prior to 1.23.6, update to version 1.23.6 or later. For versions prior to 1.22.9, update to version 1.22.9 or later. As a temporary workaround, consider disabling the addition of request headers based on the downstream request properties, such as downstream certificate properties.