Search for vulnerabilities
Vulnerability details: VCID-areg-zn1d-aaaj
Vulnerability ID VCID-areg-zn1d-aaaj
Aliases CVE-2023-27492
Summary Multiple CVEs reported by Envoy.
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-770 Allocation of Resources Without Limits or Throttling
CWE-400 Uncontrolled Resource Consumption
System Score Found at
cvssv3 4.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27492.json
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
epss 0.00141 https://api.first.org/data/v1/epss?cve=CVE-2023-27492
cvssv3.1 4.8 https://github.com/envoyproxy/envoy/security/advisories/GHSA-wpc2-2jp6-ppg2
ssvc Track https://github.com/envoyproxy/envoy/security/advisories/GHSA-wpc2-2jp6-ppg2
cvssv3 6.5 https://nvd.nist.gov/vuln/detail/CVE-2023-27492
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2023-27492
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27492.json
https://api.first.org/data/v1/epss?cve=CVE-2023-27492
https://github.com/envoyproxy/envoy/security/advisories/GHSA-wpc2-2jp6-ppg2
2179139 https://bugzilla.redhat.com/show_bug.cgi?id=2179139
cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*
CVE-2023-27492 https://nvd.nist.gov/vuln/detail/CVE-2023-27492
ISTIO-SECURITY-2023-001 https://istio.io/latest/news/security/ISTIO-SECURITY-2023-001/
RHSA-2023:4623 https://access.redhat.com/errata/RHSA-2023:4623
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27492.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/envoyproxy/envoy/security/advisories/GHSA-wpc2-2jp6-ppg2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T16:13:50Z/ Found at https://github.com/envoyproxy/envoy/security/advisories/GHSA-wpc2-2jp6-ppg2
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-27492
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-27492
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.08388
EPSS Score 0.00034
Published At April 15, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.