cve/2024/CVE-2024-45808.md

### [CVE-2024-45808](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45808)
![](https://img.shields.io/static/v1?label=Product&message=envoy&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%201.28.7%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3E%3D%201.29.0%2C%20%3C%201.29.9%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3E%3D%201.30.0%2C%20%3C%201.30.6%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3E%3D%201.31.0%2C%20%3C%201.31.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=1.29.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=1.30.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=1.31.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-117%3A%20Improper%20Output%20Neutralization%20for%20Logs&color=brightgreen)

### Description

Envoy is a cloud-native high-performance edge/middle/service proxy. A vulnerability has been identified in Envoy that allows malicious attackers to inject unexpected content into access logs. This is achieved by exploiting the lack of validation for the `REQUESTED_SERVER_NAME` field for access loggers. This issue has been addressed in versions 1.31.2, 1.30.6, 1.29.9, and 1.28.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

### POC

#### Reference
- https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc

#### Github
No PoCs found on GitHub currently.