6.3

CVSS Score

4.0

-

CVSS Score

Basic Information

CVE ID

CVE-2024-7246

GHSA ID

GHSA-ghwg-gpp4-w4x3

EPSS Score

0.17378%

CWE

CWE-440

Published

8/6/2024

Updated

8/6/2024

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-7246

CVE-2024-7246: It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table...

It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values.

This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table.

Please update to a fixed version of gRPC as soon as possible. This bug has been fixed in 1.58.3, 1.59.5, 1.60.2, 1.61.3, 1.62.3, 1.63.2, 1.64.3, 1.65.4.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2024-7246

CVE-2024-7246:

6.3

CVSS Score

4.0

-

CVSS Score

Basic Information

CVE ID

CVE-2024-7246

GHSA ID

GHSA-ghwg-gpp4-w4x3

EPSS Score

0.17378%

CWE

CWE-440

Published

8/6/2024

Updated

8/6/2024

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability is caused by the error status of a misencoded header not being cleared, leading to subsequent headers being poisoned. The patch addresses this by introducing a separate field_error status that is cleared at the beginning of parsing each new header in HPackParser::Parser::ParseTop via the new HPackParser::Input::ClearFieldError function. Modifications in HPackParser::Parser::ParseHPackString and the constructors/error setting functions within HPackParser::Input support this new fine-grained error handling. The functions listed were directly involved in the vulnerable logic of parsing headers and handling their errors.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

6.3

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2024-7246: It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table...

CVE-2024-7246:

6.3

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

CVE-2024-7246: It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table...

Basic Information

Basic Information

6.3

6.3

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI