Lucene search
Veracode Vulnerability DatabaseVERACODE:30428HistoryMay 13, 2021 - 10:28 a.m.
Privilege Escalation
2021-05-1310:28:49
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
servicemesh-proxy
privilege escalation
http request
vulnerability
authorization service
EPSS
0.004
Percentile
73.7%
servicemesh-proxy is vulnerable to privilege escalation. An attacker is able to exploit the vulnerability by crafting an HTTP request that defines a certain pattern of escaped characters in the URI path (such as %2F, %2f, %5C or %5c), allowing them to bypass the authorization service.
Related
prion
prion
Path traversal
2021-05-28 21:15:00
osv
osv
BIT-envoy-2021-29492
2024-03-06 10:58:39
CVE-2021-29492
2021-05-28 21:15:08
nvd
nvd
CVE-2021-29492
2021-05-28 21:15:08
redhatcve
redhatcve
CVE-2021-29492
2021-05-11 20:55:48
CVE-2021-31920
2021-05-11 20:55:56
cnvd
cnvd
Envoy path traversal vulnerability
2021-05-17 00:00:00
nessus
nessus
Photon OS 1.0: Envoy PHSA-2021-1.0-0405
2021-06-22 00:00:00
RHEL 8 : Red Hat OpenShift Service Mesh 1.1.14 (RHSA-2021:1540)
2021-05-13 00:00:00
RHEL 8 : Red Hat OpenShift Service Mesh 2.0.4 (RHSA-2021:1538)
2021-05-12 00:00:00
cvelist
cvelist
CVE-2021-29492 Bypass of path matching rules using escaped slash characters
2021-05-28 21:00:24
cve
cve
CVE-2021-29492
2021-05-28 21:15:08
photon
photon
redhat
redhat