CVE-2024-45806 | Envoy up to 1.28.6/1.29.4/1.30.0 internal_address_config authorization (GHSA-ffhv-fvxq-r6mf)

Posted by Angelo Barbosa | Sep 20, 2024 | CVE

A vulnerability has been found in Envoy up to 1.28.6/1.29.4/1.30.0 and classified as critical. This vulnerability affects unknown code. The manipulation of the argument internal_address_config leads to authorization bypass.

This vulnerability was named CVE-2024-45806. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45806 | Envoy up to 1.28.6/1.29.4/1.30.0 internal_address_config authorization (GHSA-ffhv-fvxq-r6mf)

Related Posts

CVE-2023-7110 | code-projects Library Management System 2.0 login.php student sql injection

CVE-2024-24850 | Mark Stockton Quicksand Post Filter jQuery Plugin up to 3.1.1 on WordPress Authorization authorization

CVE-2024-5800 | B&R Industrial Automation Automation Runtime up to 6.0.0 SSL/TLS inadequate encryption

CVE-2024-37245 | Vsourz Digital All In One Redirection Plugin up to 2.2.0 on WordPress cross site scripting