When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained in  https://github.com/grpc/grpc/pull/33005 https://github.com/grpc/grpc/pull/33005
Published 2023-06-09 11:15:09
Updated 2023-06-15 22:18:49
Source Google Inc.
View at NVD,   CVE.org
Vulnerability category: Gain privilege

Products affected by CVE-2023-32731

Exploit prediction scoring system (EPSS) score for CVE-2023-32731

0.20%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 59 %
Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-32731

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
7.4
HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
2.2
5.2
Google Inc.
7.5
HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.9
3.6
NIST

CWE ids for CVE-2023-32731

References for CVE-2023-32731

Jump to
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!