6.3

CVE-2024-7246

Exploit

HPACK table poisoning in gRPC C++, Python & Ruby

It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values.

This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table.

Please update to a fixed version of gRPC as soon as possible. This bug has been fixed in 1.58.3, 1.59.5, 1.60.2, 1.61.3, 1.62.3, 1.63.2, 1.64.3, 1.65.4.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GrpcGrpc SwPlatform- Version < 1.58.3
GrpcGrpc SwPlatform- Version >= 1.59.0 < 1.59.5
GrpcGrpc SwPlatform- Version >= 1.60.0 < 1.60.2
GrpcGrpc SwPlatform- Version >= 1.61.0 < 1.61.3
GrpcGrpc SwPlatform- Version >= 1.62.0 < 1.62.3
GrpcGrpc SwPlatform- Version >= 1.63.0 < 1.63.2
GrpcGrpc SwPlatform- Version >= 1.64.0 < 1.64.3
GrpcGrpc SwPlatform- Version >= 1.65.0 < 1.65.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.04% 0.113
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cve-coordination@google.com 6.3 0 0
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-440 Expected Behavior Violation

A feature, API, or function does not perform according to its specification.

https://github.com/grpc/grpc/issues/36245
Patch
Exploit
Issue Tracking