CVE-2020-16844Improper Access Control in Istio

CWE-284Improper Access Control5 documents5 sources
Severity
6.8MEDIUMNVD
EPSS
0.3%
top 48.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Istio.io IstioIstio
Timeline
PublishedOct 1
Latest updateFeb 15

Description

In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users specify an AuthorizationPolicy resource with DENY actions using wildcard suffixes (e.g. *-some-suffix) for source principals or namespace fields, callers will never be denied access, bypassing the intended policy.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 1.6 | Impact: 5.2

Affected Packages2 packages

Goistio.io/istio1.5.01.5.9+1
NVDistio/istio1.5.01.5.8+1

🔴Vulnerability Details

2
GHSA
Authorization bypass in Istio2022-02-15
OSV
Authorization bypass in Istio2022-02-15

📋Vendor Advisories

1
Red Hat
istio: incorrect translation of DENY policy for TCP service2020-08-11

💬Community

1
Bugzilla
CVE-2020-16844 istio: incorrect translation of DENY policy for TCP service2020-07-29
CVE-2020-16844 — Improper Access Control in Istio | cvebase