Summary

Acunetix 360 detected that your website uses the Envoy Proxy. Envoy is an open source edge and service proxy, designed for cloud-native applications.

Impact

This issue is reported as additional information only. There is no direct impact arising from this issue. However, Acunetix 360 was not able to identify the Envoy Proxy version that you are currently using. Please make sure that it is fully patched and up-to-date. Notable vulnerabilities that were found in recent years include CVE-2019-9900 (This allows remote attackers crafting header values containing embedded NULL characters to potentially bypass header matching rules, gaining access to unauthorized resources.) and CVE-2019-15225 (A remote attacker may send a request with a very long URI to result in a denial of service).

Severity

Information

Classification

CAPEC-224 CWE-200 ISO27001-A.18.1.3 WASC-45