CVE-2020-8595

CWE-287 — Improper Authentication CWE-2856 documents5 sources

Severity

7.3HIGH

EPSS

1.1%

top 22.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Istio Istio Redhat Openshift Service Mesh

Timeline

PublishedFeb 12

Latest updateMay 24

Description

Istio versions 1.2.10 (End of Life) and prior, 1.3 through 1.3.7, and 1.4 through 1.4.3 allows authentication bypass. The Authentication Policy exact-path matching logic can allow unauthorized access to HTTP paths even if they are configured to be only accessed after presenting a valid JWT token. For example, an attacker can add a ? or # character to a URI that would otherwise satisfy an exact-path match.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 3.9 | Impact: 3.4

Affected Packages2 packages

▶NVDistio/istio1.3 — 1.3.7+1

▶NVDredhat/openshift_service_mesh1.0

Patches

Patch: github.com ↗Patch: istio.io ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-6mcc-fxc5-58cv: Istio 1↗2022-05-24

▶

CVEList

CVE-2020-8595: Istio versions 1↗2020-02-12

▶

📋Vendor Advisories

Red Hat

istio: unauthorised access to JWT protected HTTP path↗2020-02-11

▶

💬Community

Bugzilla

CVE-2019-8595 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution↗2020-09-08

▶

Bugzilla

CVE-2020-8595 istio: unauthorised access to JWT protected HTTP path↗2020-02-04

▶