CVE-2020-8664 - OpenCVE

CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined validation context could lead to the “static” part of the validation context to be not applied, even though it was visible in the active config dump.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Cncf	Envoy

Configuration 1 [-]

cpe:2.3:a:cncf:envoy:*:*:*:*:*:*:*:*

References

Link	Resource
https://access.redhat.com/errata/RHSA-2020:0734	Third Party Advisory
https://github.com/envoyproxy/envoy/security/advisories/GHSA-3x9m-pgmg-xpx8	Third Party Advisory
https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history	Release Notes Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-03-04T20:53:13

Updated: 2020-03-11T11:06:33

Reserved: 2020-02-06T00:00:00

Link: CVE-2020-8664

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-03-04T21:15:11.497

Modified: 2021-07-21T11:39:23.747

Link: CVE-2020-8664

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined validation context could lead to the \u201cstatic\u201d part of the validation context to be not applied, even though it was visible in the active config dump."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-03-11T11:06:33", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3x9m-pgmg-xpx8"}, {"name": "RHSA-2020:0734", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2020:0734"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-8664", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined validation context could lead to the \u201cstatic\u201d part of the validation context to be not applied, even though it was visible in the active config dump."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history", "refsource": "CONFIRM", "url": "https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history"}, {"name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3x9m-pgmg-xpx8", "refsource": "MISC", "url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3x9m-pgmg-xpx8"}, {"name": "RHSA-2020:0734", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2020:0734"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-8664", "datePublished": "2020-03-04T20:53:13", "dateReserved": "2020-02-06T00:00:00", "dateUpdated": "2020-03-11T11:06:33", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cncf:envoy:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F6EEB31-7DC7-4778-8EB5-B4C6E0CC2ED1", "versionEndIncluding": "1.13.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined validation context could lead to the \u201cstatic\u201d part of the validation context to be not applied, even though it was visible in the active config dump."}, {"lang": "es", "value": "CNCF Envoy versiones hasta 1.13.0, presenta un Control de Acceso incorrecto cuando se usa SDS con Contexto de Comprobaci\u00f3n Combinada. Al utilizar el mismo secreto (por ejemplo, CA de confianza) a trav\u00e9s de muchos recursos junto con el contexto de comprobaci\u00f3n combinado podr\u00eda conllevar a que la parte \u201cstatic\u201d del contexto de comprobaci\u00f3n no sea aplicada, a\u00fan y cuando fuera visible en el volcado de la configuraci\u00f3n activa."}], "id": "CVE-2020-8664", "lastModified": "2021-07-21T11:39:23.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-03-04T21:15:11.497", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2020:0734"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3x9m-pgmg-xpx8"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}