Lucene search
China National Vulnerability DatabaseCNVD-2022-15535HistoryFeb 24, 2022 - 12:00 a.m.
Envoy Trust Management Issue Vulnerability (CNVD-2022-15535)
2022-02-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
27
envoy
distributed proxy server
trust management
tls
certificate authentication
vulnerability
cnvd-2022-15535
EPSS
0.002
Percentile
59.6%
Envoy is an open source distributed proxy server. Envoy is vulnerable to a trust management issue, which stems from the fact that Envoy’s tls allows certain certificate authentication settings to be reused after they have been changed from their default configuration. No detailed vulnerability details are currently available.
Related
redhatcve
redhatcve
CVE-2022-21654
2022-02-23 02:36:21
cve
cve
CVE-2022-21654
2022-02-22 23:15:11
cvelist
cvelist
osv
osv
BIT-envoy-2022-21654
2024-03-06 10:56:26
CVE-2022-21654
2022-02-22 23:15:11
Multiple security issues in Pomerium's embedded envoy
2022-03-01 22:04:17
nvd
nvd
CVE-2022-21654
2022-02-22 23:15:11
prion
prion
Default configuration
2022-02-22 23:15:00
veracode
veracode
Incorrect Default Configuration
2022-06-02 20:45:53
github
github
Multiple security issues in Pomerium's embedded envoy
2022-03-01 22:04:17
redhat
redhat
nessus
nessus
RHEL 8 : Red Hat OpenShift Service Mesh 2.1.2 (RHSA-2022:1275)
2022-04-08 00:00:00
RHEL 8 : Red Hat OpenShift Service Mesh 2.0.9 (RHSA-2022:1276)
2022-04-08 00:00:00