CVE-2023-30845 (CNNVD-202304-2109)

HIGH
中文标题:
Google ESPv2 授权问题漏洞
英文标题:
ESPv2 vulnerable to JWT authentication bypass via `X-HTTP-Method-Override` header
CVSS分数: 8.2
发布时间: 2023-04-26 20:46:25
漏洞类型: 授权问题
状态: PUBLISHED
数据质量分数: 0.30
数据版本: v3
漏洞描述
中文描述:

Google ESPv2是美国谷歌(Google)公司的一种通用的L7服务代理。可为JSON/REST或gRPC API服务启用API管理功能。 Google ESPv2 2.20.0至2.42.0版本存在授权问题漏洞,该漏洞源于API 客户端可以制作恶意的标头值绕过 JWT 身份验证。

英文描述:

ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious `X-HTTP-Method-Override` header value to bypass JWT authentication in specific cases. ESPv2 allows malicious requests to bypass authentication if both the conditions are true: The requested HTTP method is **not** in the API service definition (OpenAPI spec or gRPC `google.api.http` proto annotations, and the specified `X-HTTP-Method-Override` is a valid HTTP method in the API service definition. ESPv2 will forward the request to your backend without checking the JWT. Attackers can craft requests with a malicious `X-HTTP-Method-Override` value that allows them to bypass specifying JWTs. Restricting API access with API keys works as intended and is not affected by this vulnerability. Upgrade deployments to release v2.43.0 or higher to receive a patch. This release ensures that JWT authentication occurs, even when the caller specifies `x-http-method-override`. `x-http-method-override` is still supported by v2.43.0+. API clients can continue sending this header to ESPv2.

CWE类型:
CWE-287
标签:
(暂无数据)
受影响产品
厂商 产品 版本 版本范围 平台 CPE
GoogleCloudPlatform esp-v2 >= 2.20.0, < 2.43.0 - - cpe:2.3:a:googlecloudplatform:esp-v2:>=_2.20.0,_<_2.43.0:*:*:*:*:*:*:*
google espv2 * - - cpe:2.3:a:google:espv2:*:*:*:*:*:*:*:*
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
https://github.com/GoogleCloudPlatform/esp-v2/security/advisories/GHSA-6qmp-9p95-fc5f x_refsource_CONFIRM
cve.org
访问
https://github.com/GoogleCloudPlatform/esp-v2/commit/0bcdfc024ce96b34db4e1b4f2211b509d9be93cd x_refsource_MISC
cve.org
访问
https://github.com/GoogleCloudPlatform/esp-v2/commit/e95670146f5e96bb5565b0a9c1e153886b3e04ce x_refsource_MISC
cve.org
访问
https://github.com/GoogleCloudPlatform/esp-v2/commit/e98061ee4527a564506ba4e814c0ecf324dc2c6f x_refsource_MISC
cve.org
访问
CVSS评分详情
3.1 (cna)
HIGH
8.2
CVSS向量: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
机密性
HIGH
完整性
LOW
可用性
NONE
时间信息
发布时间:
2023-04-26 20:46:25
修改时间:
2025-02-03 16:45:28
创建时间:
2025-11-11 15:38:18
更新时间:
2025-11-11 15:57:55
利用信息
暂无可利用代码信息
数据源详情
数据源 记录ID 版本 提取时间
CVE cve_CVE-2023-30845 2025-11-11 15:21:56 2025-11-11 07:38:18
NVD nvd_CVE-2023-30845 2025-11-11 14:59:00 2025-11-11 07:46:26
CNNVD cnnvd_CNNVD-202304-2109 2025-11-11 15:11:11 2025-11-11 07:57:55
版本与语言
当前版本: v3
主要语言: EN
支持语言:
EN ZH
安全公告
暂无安全公告信息
变更历史
v3 CNNVD
2025-11-11 15:57:55
vulnerability_type: 未提取 → 授权问题; cnnvd_id: 未提取 → CNNVD-202304-2109; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
  • vulnerability_type: 未提取 -> 授权问题
  • cnnvd_id: 未提取 -> CNNVD-202304-2109
  • data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2 NVD
2025-11-11 15:46:26
affected_products_count: 1 → 2; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
  • affected_products_count: 1 -> 2
  • data_sources: ['cve'] -> ['cve', 'nvd']