Page 3 of 23 results (0.009 seconds)

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1

Istio before 1.8.6 and 1.9.x before 1.9.5 contains a remotely exploitable vulnerability where an external client can access unexpected services in the cluster, bypassing authorization checks, when a gateway is configured with AUTO_PASSTHROUGH routing configuration. Istio antes de la versión 1.8.6 y 1.9.x antes de la versión 1.9.5 contiene una vulnerabilidad explotable de forma remota por la que un cliente externo puede acceder a servicios inesperados en el clúster, saltándose las comprobaciones de autorización, cuando una puerta de enlace está configurada con la configuración de enrutamiento AUTO_PASSTHROUGH An authorization bypass vulnerability was found in istio. When the istio gateway is configured with TLS mode `AUTO_PASSTHROUGH`, it is possible for a malicious user to bypass the authorization checks and gain access to protected services. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://istio.io/latest/news/security/istio-security-2021-006 https://access.redhat.com/security/cve/CVE-2021-31921 https://bugzilla.redhat.com/show_bug.cgi?id=1955396 • CWE-862: Missing Authorization CWE-863: Incorrect Authorization •

CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 1

Istio before 1.8.6 and 1.9.x before 1.9.5 has a remotely exploitable vulnerability where an HTTP request path with multiple slashes or escaped slash characters (%2F or %5C) could potentially bypass an Istio authorization policy when path based authorization rules are used. Istio versiones anteriores a 1.8.6 y versiones 1.9.x anteriores a 1.9.5 presenta una vulnerabilidad explotable de forma remota en la que una ruta de petición HTTP con múltiples barras o caracteres de barra de escape (%2F o %5C) podría omitir potencialmente una política de autorización de Istio cuando las reglas de autorización basadas en la ruta son usadas An authorization bypass flaw was found in Istio. This flaw allows an attacker to craft an HTTP request that defines a certain pattern of escaped characters in the URI path (such as %2F, %2f, %5C, or %5c), allowing them to bypass the authorization service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://istio.io/latest/news/security/istio-security-2021-005 https://access.redhat.com/security/cve/CVE-2021-31920 https://bugzilla.redhat.com/show_bug.cgi?id=1959481 • CWE-706: Use of Incorrectly-Resolved Name or Reference CWE-863: Incorrect Authorization •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

A NULL pointer dereference was found in pkg/proxy/envoy/v2/debug.go getResourceVersion in Istio pilot before 1.5.0-alpha.0. If a particular HTTP GET request is made to the pilot API endpoint, it is possible to cause the Go runtime to panic (resulting in a denial of service to the istio-pilot application). Se encontró una desreferencia del puntero NULL en el archivo pkg/proxy/envoy/v2/debug.go en la función getResourceVersion en Istio pilot versiones anteriores a 1.5.0-alpha.0. Si es realizado una petición HTTP GET en particular al endpoint de la API pilot, es posible que el tiempo de ejecución de Go entre en pánico (resultando en una denegación de servicio para la aplicación istio-pilot) An out-of-bounds read flaw was found in istio-pilot. This flaw allows an attacker to send a crafted HTTP GET request to the pilot debug API endpoint. • https://bugzilla.redhat.com/show_bug.cgi?id=1919066 https://github.com/istio/istio/compare/1.4.2...1.5.0-alpha.0 https://access.redhat.com/security/cve/CVE-2019-25014 • CWE-125: Out-of-bounds Read CWE-476: NULL Pointer Dereference •

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1

In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users specify an AuthorizationPolicy resource with DENY actions using wildcard suffixes (e.g. *-some-suffix) for source principals or namespace fields, callers will never be denied access, bypassing the intended policy. En Istio versiones 1.5.0 hasta 1.5.8 e Istio versiones 1.6.0 hasta 1.6.7, cuando los usuarios especifican un recurso AuthorizationPolicy con acciones DENY usando sufijos de comodín (por ejemplo, *-some-suffix) para los campos source principals o namespace, a los que llaman nunca se le denegará el acceso, omitiendo la política prevista An insecure access control vulnerability was found in Istio. If an authorization policy is created for a TCP service that includes a DENY rule with a prefix wildcard, Istio translates this into an Envoy string match, incorrectly removing the wildcard. This flaw allows an attacker to subvert particular DENY rules, potentially gaining access to restricted resources. • https://github.com/istio/istio/releases https://istio.io/latest/news/security/istio-security-2020-009 https://access.redhat.com/security/cve/CVE-2020-16844 https://bugzilla.redhat.com/show_bug.cgi?id=1861625 • CWE-284: Improper Access Control •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Istio 1.4.x before 1.4.9 and Istio 1.5.x before 1.5.4 contain the following vulnerability when telemetry v2 is enabled: by sending a specially crafted packet, an attacker could trigger a Null Pointer Exception resulting in a Denial of Service. This could be sent to the ingress gateway or a sidecar, triggering a null pointer exception which results in a denial of service. This also affects servicemesh-proxy where a null pointer exception flaw was found in servicemesh-proxy. When running Telemetry v2 (not on by default in version 1.4.x), an attacker could send a specially crafted packet to the ingress gateway or proxy sidecar, triggering a denial of service. Istio versiones 1.4.x anteriores a 1.4.9 e Istio versiones 1.5.x anteriores a 1.5.4, contienen la siguiente vulnerabilidad cuando se habilita la telemetry v2: al enviar un paquete especialmente diseñado, un atacante podría desencadenar una Excepción de Puntero Null resultando en una Denegación de Servicio. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10739 https://github.com/istio/envoy/commit/8788a3cf255b647fd14e6b5e2585abaaedb28153#diff-fcf2cf5dd389b5285f882ba4a8708633 https://istio.io/news/security/istio-security-2020-005 https://access.redhat.com/security/cve/CVE-2020-10739 https://bugzilla.redhat.com/show_bug.cgi?id=1833184 • CWE-476: NULL Pointer Dereference •