FKIE_CVE-2024-53271

Vulnerability from fkie_nvd - Published: 2024-12-18 20:15 - Updated: 2025-09-04 14:03
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
Summary
Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to upgrade. There are no known workarounds for this issue.
References
security-advisories@github.comhttps://github.com/envoyproxy/envoy/commit/da56f6da63079baecef9183436ee5f4141a59af8Patch
security-advisories@github.comhttps://github.com/envoyproxy/envoy/security/advisories/GHSA-rmm5-h2wv-mg4fExploit, Third Party Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0https://github.com/envoyproxy/envoy/security/advisories/GHSA-rmm5-h2wv-mg4fExploit, Third Party Advisory
Impacted products
Vendor Product Version
envoyproxy envoy *
envoyproxy envoy *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1095DF48-5B40-4A98-97B5-6E021499D800",
              "versionEndExcluding": "1.31.5",
              "versionStartIncluding": "1.31.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF745ED8-3027-44F9-A1C9-16C393C02779",
              "versionEndIncluding": "1.32.3",
              "versionStartIncluding": "1.32.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy  does not properly handle http 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to upgrade. There are no known workarounds for this issue."
    },
    {
      "lang": "es",
      "value": "Envoy es un proxy de servicio, de borde y de medio alcance de alto rendimiento nativo de la nube. En las versiones afectadas, Envoy no gestiona correctamente las respuestas 1xx no 101 de http 1.1. Esto puede provocar fallas en los dispositivos conectados en red. Este problema se ha solucionado en las versiones 1.31.5 y 1.32.3. Se recomienda a los usuarios que actualicen. No existen workarounds conocidos para este problema."
    }
  ],
  "id": "CVE-2024-53271",
  "lastModified": "2025-09-04T14:03:45.613",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.2,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-12-18T20:15:24.433",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/envoyproxy/envoy/commit/da56f6da63079baecef9183436ee5f4141a59af8"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-rmm5-h2wv-mg4f"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-rmm5-h2wv-mg4f"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-670"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.