Consul Envoy Extension Downstream Proxy Configuration By Upstream Service Owner
Description
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CVE-2023-2816: HashiCorp Consul allows users with service:write to patch downstream Envoy proxies even without permission on those services, leading to privilege escalation.
Vulnerability
Overview
CVE-2023-2816 affects HashiCorp Consul and Consul Enterprise versions 1.15.0 through 1.15.2. The vulnerability lies in the authorization logic for Envoy extensions configured via service-defaults configuration entries. HashiCorp's internal testing found that any user holding the service:write permission for a specific service could use Envoy extensions—particularly the Lua extension—to modify the configuration of remote proxy instances that target the configured service, even if that user lacked permission to modify the downstream services those proxies belong to [1][2].
Root Cause and Exploitation
Consul supports Envoy extensions such as Lambda and Lua to customize proxy behavior. The Lambda extension is designed to legitimately patch the downstream proxies that call a Lambda function; the Lua extension, by contrast, is intended only to patch the local proxy of the configured service. Because the authorization check only verified service:write on the service being configured, it did not require that the writer also hold permission on the services whose proxies the extension would remotely patch. An attacker with service:write on one service could therefore use the Lua extension to inject arbitrary Lua scripts into the HTTP filter chains of downstream proxy instances, altering traffic handling for services they are not authorized to modify [2].
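The authorization gap described above, modeled in Go as an added example (this is not Consul's own code; the types, service names "api", "web" and "billing", and the mesh topology are constructed for illustration). The model derives the set of proxies a service-defaults entry with an extension would patch, then contrasts the flawed check, which only requires service:write on the configured service, with a check that requires service:write on every service whose proxy is touched:

```go
package main

import (
	"fmt"
	"sort"
)

// Hypothetical model of the CVE-2023-2816 authorization flaw, not Consul's
// own code. Service and token names below are constructed for the example.

// ACL stands in for a Consul token: the services it holds service:write on.
type ACL struct {
	ServiceWrite map[string]bool
}

func (a ACL) CanWrite(service string) bool { return a.ServiceWrite[service] }

// ServiceDefaults is a service-defaults config entry reduced to the parts
// that matter here: the service name and the names of its EnvoyExtensions.
type ServiceDefaults struct {
	Name       string
	Extensions []string // e.g. "builtin/lua", "builtin/aws/lambda"
}

// Mesh records, per service, the downstream services whose proxies have
// that service configured as an upstream.
type Mesh struct {
	Downstreams map[string][]string
}

// patchedProxies lists every proxy an extension on sd reaches when the
// extension is applied to the local proxy and to each downstream caller's
// proxy (the pre-fix behaviour the advisory describes).
func patchedProxies(m Mesh, sd ServiceDefaults) []string {
	seen := map[string]bool{sd.Name: true}
	for _, d := range m.Downstreams[sd.Name] {
		seen[d] = true
	}
	out := make([]string, 0, len(seen))
	for s := range seen {
		out = append(out, s)
	}
	sort.Strings(out)
	return out
}

// AuthorizeVulnerable mirrors the flawed check: writing the config entry only
// requires service:write on the configured service, even though the extension
// patches proxies that belong to other services.
func AuthorizeVulnerable(acl ACL, m Mesh, sd ServiceDefaults) (allowed bool, patched []string) {
	if !acl.CanWrite(sd.Name) {
		return false, nil
	}
	return true, patchedProxies(m, sd)
}

// AuthorizeHardened requires service:write on every service whose proxy the
// extension would patch. It returns the services that blocked the write.
func AuthorizeHardened(acl ACL, m Mesh, sd ServiceDefaults) (allowed bool, denied []string) {
	if len(sd.Extensions) == 0 {
		// No extension: only the configured service's own proxy is affected.
		if acl.CanWrite(sd.Name) {
			return true, nil
		}
		return false, []string{sd.Name}
	}
	for _, svc := range patchedProxies(m, sd) {
		if !acl.CanWrite(svc) {
			denied = append(denied, svc)
		}
	}
	return len(denied) == 0, denied
}

// ExampleMesh is a constructed topology: "web" and "billing" both call "api".
func ExampleMesh() Mesh {
	return Mesh{Downstreams: map[string][]string{"api": {"web", "billing"}}}
}

func main() {
	mesh := ExampleMesh()
	// Token scoped to service:write on "api" only.
	apiOwner := ACL{ServiceWrite: map[string]bool{"api": true}}
	// service-defaults for "api" carrying a Lua extension.
	entry := ServiceDefaults{Name: "api", Extensions: []string{"builtin/lua"}}

	ok, patched := AuthorizeVulnerable(apiOwner, mesh, entry)
	fmt.Printf("pre-fix:  allowed=%v, proxies patched=%v\n", ok, patched)

	ok, denied := AuthorizeHardened(apiOwner, mesh, entry)
	fmt.Printf("post-fix: allowed=%v, missing service:write on %v\n", ok, denied)
}
```

With the constructed mesh, the token that only has service:write on "api" passes the pre-fix check and its Lua extension reaches the "web" and "billing" proxies; the hardened check refuses the write and names those two services. A token holding service:write on all three services is still allowed, which is the legitimate Lambda-style case where the writer owns every proxy being patched.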
Impact
A successful exploit allows an authenticated attacker with limited service:write permissions to influence the behavior of Envoy proxies serving other services, potentially leading to traffic redirection, data exposure, or denial of service. The vulnerability represents an authorization bypass where downstream proxy configuration can be altered by the owner of an upstream service without proper scoping of permissions [2].
Mitigation
HashiCorp addressed the issue in Consul and Consul Enterprise version 1.15.3 by improving the authorization checks so that Envoy extensions like Lua cannot be applied to proxies for which the user does not have explicit write permissions. Users should upgrade to 1.15.3 or later. No workarounds are listed; the fix is available in the official repository [2][3].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package (ecosystem) | Affected versions | Patched versions |
|---|---|---|
| github.com/hashicorp/consul (Go) | >= 1.15.0, < 1.15.3 | 1.15.3 |
Affected products (4 entries)
- OSV coordinates (2 versions): >= 1.15.0, < 1.15.3, plus 1 more
- (no CPE) range: >= 1.15.0, < 1.15.3
- (no CPE) range: >= 1.15.0, < 1.15.3
- HashiCorp/Consul (v5 range): 1.15.0
- HashiCorp/Consul Enterprise (v5 range): 1.15.0
Patches (0)
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References (3)
News mentions (0)
No linked articles in our index yet.