CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-34824
https://notcve.org/view.php?id=CVE-2021-34824
Istio (1.8.x, 1.9.0-1.9.5 and 1.10.0-1.10.1) contains a remotely exploitable vulnerability where credentials specified in the Gateway and DestinationRule credentialName field can be accessed from different namespaces. Istio (versiones 1.8.x, 1.9.0-1.9.5 y 1.10.0-1.10.1) contiene una vulnerabilidad explotable de forma remota en la que se puede acceder a las credenciales especificadas en el campo Gateway y DestinationRule credentialName desde diferentes espacios de nombres • https://github.com/rsalmond/CVE-2021-34824 https://github.com/istio/istio/releases https://istio.io/latest/news/security/istio-security-2021-007 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2021-31921 – istio/istio: authorization bypass when using AUTO_PASSTHROUGH
https://notcve.org/view.php?id=CVE-2021-31921
Istio before 1.8.6 and 1.9.x before 1.9.5 contains a remotely exploitable vulnerability where an external client can access unexpected services in the cluster, bypassing authorization checks, when a gateway is configured with AUTO_PASSTHROUGH routing configuration. Istio antes de la versión 1.8.6 y 1.9.x antes de la versión 1.9.5 contiene una vulnerabilidad explotable de forma remota por la que un cliente externo puede acceder a servicios inesperados en el clúster, saltándose las comprobaciones de autorización, cuando una puerta de enlace está configurada con la configuración de enrutamiento AUTO_PASSTHROUGH An authorization bypass vulnerability was found in istio. When the istio gateway is configured with TLS mode `AUTO_PASSTHROUGH`, it is possible for a malicious user to bypass the authorization checks and gain access to protected services. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://istio.io/latest/news/security/istio-security-2021-006 https://access.redhat.com/security/cve/CVE-2021-31921 https://bugzilla.redhat.com/show_bug.cgi?id=1955396 • CWE-862: Missing Authorization CWE-863: Incorrect Authorization •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 1CVE-2021-31920 – istio/istio: HTTP request with escaped slash characters can bypass authorization mechanisms
https://notcve.org/view.php?id=CVE-2021-31920
Istio before 1.8.6 and 1.9.x before 1.9.5 has a remotely exploitable vulnerability where an HTTP request path with multiple slashes or escaped slash characters (%2F or %5C) could potentially bypass an Istio authorization policy when path based authorization rules are used. Istio versiones anteriores a 1.8.6 y versiones 1.9.x anteriores a 1.9.5 presenta una vulnerabilidad explotable de forma remota en la que una ruta de petición HTTP con múltiples barras o caracteres de barra de escape (%2F o %5C) podría omitir potencialmente una política de autorización de Istio cuando las reglas de autorización basadas en la ruta son usadas An authorization bypass flaw was found in Istio. This flaw allows an attacker to craft an HTTP request that defines a certain pattern of escaped characters in the URI path (such as %2F, %2f, %5C, or %5c), allowing them to bypass the authorization service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://istio.io/latest/news/security/istio-security-2021-005 https://access.redhat.com/security/cve/CVE-2021-31920 https://bugzilla.redhat.com/show_bug.cgi?id=1959481 • CWE-706: Use of Incorrectly-Resolved Name or Reference CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25014 – istio-pilot: requests to debug api can result in panic
https://notcve.org/view.php?id=CVE-2019-25014
A NULL pointer dereference was found in pkg/proxy/envoy/v2/debug.go getResourceVersion in Istio pilot before 1.5.0-alpha.0. If a particular HTTP GET request is made to the pilot API endpoint, it is possible to cause the Go runtime to panic (resulting in a denial of service to the istio-pilot application). Se encontró una desreferencia del puntero NULL en el archivo pkg/proxy/envoy/v2/debug.go en la función getResourceVersion en Istio pilot versiones anteriores a 1.5.0-alpha.0. Si es realizado una petición HTTP GET en particular al endpoint de la API pilot, es posible que el tiempo de ejecución de Go entre en pánico (resultando en una denegación de servicio para la aplicación istio-pilot) An out-of-bounds read flaw was found in istio-pilot. This flaw allows an attacker to send a crafted HTTP GET request to the pilot debug API endpoint. • https://bugzilla.redhat.com/show_bug.cgi?id=1919066 https://github.com/istio/istio/compare/1.4.2...1.5.0-alpha.0 https://access.redhat.com/security/cve/CVE-2019-25014 • CWE-125: Out-of-bounds Read CWE-476: NULL Pointer Dereference •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-16844 – istio: incorrect translation of DENY policy for TCP service
https://notcve.org/view.php?id=CVE-2020-16844
In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users specify an AuthorizationPolicy resource with DENY actions using wildcard suffixes (e.g. *-some-suffix) for source principals or namespace fields, callers will never be denied access, bypassing the intended policy. En Istio versiones 1.5.0 hasta 1.5.8 e Istio versiones 1.6.0 hasta 1.6.7, cuando los usuarios especifican un recurso AuthorizationPolicy con acciones DENY usando sufijos de comodín (por ejemplo, *-some-suffix) para los campos source principals o namespace, a los que llaman nunca se le denegará el acceso, omitiendo la política prevista An insecure access control vulnerability was found in Istio. If an authorization policy is created for a TCP service that includes a DENY rule with a prefix wildcard, Istio translates this into an Envoy string match, incorrectly removing the wildcard. This flaw allows an attacker to subvert particular DENY rules, potentially gaining access to restricted resources. • https://github.com/istio/istio/releases https://istio.io/latest/news/security/istio-security-2020-009 https://access.redhat.com/security/cve/CVE-2020-16844 https://bugzilla.redhat.com/show_bug.cgi?id=1861625 • CWE-284: Improper Access Control •