10Şub
CVE-2024-23324 | envoyproxy envoy up to 1.26.6/1.27.2/1.28.0/1.29.0 Downstream ext_authz access control (GHSA-gq3v-vvhj-96j6)
A vulnerability has been found in envoyproxy envoy up to 1.26.6/1.27.2/1.28.0/1.29.0 and classified as critical. Affected by this vulnerability is the functionext_authz
of the component Downstream Handler. The manipulation leads to improper access controls.
This vulnerability is known as CVE-2024-23324. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.