6.3

CVE-2024-7246

Exploit

It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values.

This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table.

Please update to a fixed version of gRPC as soon as possible. This bug has been fixed in 1.58.3, 1.59.5, 1.60.2, 1.61.3, 1.62.3, 1.63.2, 1.64.3, 1.65.4.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GrpcGrpc SwPlatform- Version < 1.58.3
GrpcGrpc SwPlatform- Version >= 1.59.0 < 1.59.5
GrpcGrpc SwPlatform- Version >= 1.60.0 < 1.60.2
GrpcGrpc SwPlatform- Version >= 1.61.0 < 1.61.3
GrpcGrpc SwPlatform- Version >= 1.62.0 < 1.62.3
GrpcGrpc SwPlatform- Version >= 1.63.0 < 1.63.2
GrpcGrpc SwPlatform- Version >= 1.64.0 < 1.64.3
GrpcGrpc SwPlatform- Version >= 1.65.0 < 1.65.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.04% 0.105
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cve-coordination@google.com 6.3 0 0
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-440 Expected Behavior Violation

A feature, API, or function does not perform according to its specification.

https://github.com/grpc/grpc/issues/36245
Patch
Exploit
Issue Tracking