Envoy is a cloud-native high-performance edge/middle/service proxy. A vulnerability has been identified in Envoy that allows malicious attackers to inject unexpected content into access logs. This is achieved by exploiting the lack of validation for the `REQUESTED_SERVER_NAME` field for access loggers. This issue has been addressed in versions 1.31.2, 1.30.6, 1.29.9, and 1.28.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
openshift-service Rocky
Fixed in: mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le RHSA-2024:7726 Fixed in: mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le RHSA-2024:7726 Fixed in: mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le RHSA-2024:7726 Fixed in: mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le RHSA-2024:7726 Fixed in: mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le RHSA-2024:7726 Fixed in: mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64 RHSA-2024:7726 Fixed in: mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64 RHSA-2024:7726 Fixed in: mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64 RHSA-2024:7726 Fixed in: mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64 RHSA-2024:7726 Fixed in: mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64 RHSA-2024:7726 Fixed in: mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64 RHSA-2024:7726 Fixed in: mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64 RHSA-2024:7726 Fixed in: mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64 RHSA-2024:7726 Fixed in: mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64 RHSA-2024:7726 Fixed in: mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64 RHSA-2024:7726 Fixed in: mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x RHSA-2024:7726 Fixed in: mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x RHSA-2024:7726 Fixed in: mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x RHSA-2024:7726 Fixed in: mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x RHSA-2024:7726 Fixed in: mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x RHSA-2024:7726 openshift-service Red Hat / RHEL
Fixed in: mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64 RHSA-2024:7726 Fixed in: mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64 RHSA-2024:7726 Fixed in: mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x RHSA-2024:7726 Fixed in: mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x RHSA-2024:7726 Fixed in: mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le RHSA-2024:7726 Fixed in: mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x RHSA-2024:7726 Fixed in: mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x RHSA-2024:7726 Fixed in: mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x RHSA-2024:7726 Fixed in: mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le RHSA-2024:7726 Fixed in: mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le RHSA-2024:7726 Fixed in: mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64 RHSA-2024:7726 Fixed in: mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le RHSA-2024:7726 Fixed in: mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64 RHSA-2024:7726 Fixed in: mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le RHSA-2024:7726 Fixed in: mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64 RHSA-2024:7726 Fixed in: mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64 RHSA-2024:7726 Fixed in: mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64 RHSA-2024:7726 Fixed in: mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64 RHSA-2024:7726 Fixed in: mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64 RHSA-2024:7726 Fixed in: mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64 RHSA-2024:7726 openshift-service-mesh/istio Rocky
Fixed in: cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64 RHSA-2024:7726 Fixed in: cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64 RHSA-2024:7726 Fixed in: cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x RHSA-2024:7726 Fixed in: rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le RHSA-2024:7726 Fixed in: cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le RHSA-2024:7726 Fixed in: rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64 RHSA-2024:7726 Fixed in: rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x RHSA-2024:7726 Fixed in: rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64 RHSA-2024:7726 openshift-service-mesh/istio Red Hat / RHEL
Fixed in: rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x RHSA-2024:7726 Fixed in: cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le RHSA-2024:7726 Fixed in: cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64 RHSA-2024:7726 Fixed in: rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le RHSA-2024:7726 Fixed in: rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64 RHSA-2024:7726 Fixed in: cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x RHSA-2024:7726 Fixed in: cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64 RHSA-2024:7726 Fixed in: rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64 RHSA-2024:7726 openshift-service-mesh/istio-must Red Hat / RHEL
Fixed in: gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le RHSA-2024:7726 Fixed in: gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64 RHSA-2024:7726 Fixed in: gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64 RHSA-2024:7726 Fixed in: gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x RHSA-2024:7726 openshift-service-mesh/istio-must Rocky
Fixed in: gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x RHSA-2024:7726 Fixed in: gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64 RHSA-2024:7726 Fixed in: gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le RHSA-2024:7726 Fixed in: gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64 RHSA-2024:7726 openshift-service-mesh/kiali Rocky
Fixed in: ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64 RHSA-2024:7726 Fixed in: ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le RHSA-2024:7726 Fixed in: rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le RHSA-2024:7726 Fixed in: ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64 RHSA-2024:7726 Fixed in: rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64 RHSA-2024:7726 Fixed in: rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64 RHSA-2024:7726 Fixed in: ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x RHSA-2024:7726 Fixed in: rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x RHSA-2024:7726 openshift-service-mesh/kiali Red Hat / RHEL
Fixed in: rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le RHSA-2024:7726 Fixed in: ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64 RHSA-2024:7726 Fixed in: rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64 RHSA-2024:7726 Fixed in: ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64 RHSA-2024:7726 Fixed in: rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64 RHSA-2024:7726 Fixed in: ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x RHSA-2024:7726 Fixed in: rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x RHSA-2024:7726 Fixed in: ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le RHSA-2024:7726 Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
Exploitability
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Impact
Confidentiality Low
Integrity Low
Availability None
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
0.35% probability of exploitation in 30 days
27th percentile
Low risk: more likely to be exploited than 27% of all known CVEs.
Embed a live status badge for CVE-2024-45808 Markdown
[](https://tridentstack.com/cve/CVE-2024-45808)HTML
<a href="https://tridentstack.com/cve/CVE-2024-45808"><img src="https://tridentstack.com/cve/badge/CVE-2024-45808.svg" alt="CVE-2024-45808"></a>Find and fix vulnerabilities across your fleet TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start free This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-09-25.