Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhxeHctbW00NC1nYzRy
Istio Fragments in Path May Lead to Authorization Policy Bypass
Impact
Istio 1.11.0, 1.10.3 and below, and 1.9.7 and below contain a remotely exploitable vulnerability where an HTTP request with #fragment in the path may bypass Istio’s URI path based authorization policies.
Patches
- Istio 1.11.1 and above
- Istio 1.10.4 and above
- Istio 1.9.8 and above
Workarounds
A Lua filter may be written to normalize the path. This is similar to the Path normalization presented in the Security Best Practices guide.
References
More details can be found in the Istio Security Bulletin
For more information
If you have any questions or comments about this advisory, please email us at [email protected]
Permalink: https://github.com/advisories/GHSA-hqxw-mm44-gc4rJSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhxeHctbW00NC1nYzRy
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: about 3 years ago
Updated: almost 2 years ago
CVSS Score: 8.1
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Identifiers: GHSA-hqxw-mm44-gc4r, CVE-2021-39156
References:
- https://github.com/istio/istio/security/advisories/GHSA-hqxw-mm44-gc4r
- https://nvd.nist.gov/vuln/detail/CVE-2021-39156
- https://istio.io/latest/news/security/istio-security-2021-008
- https://github.com/advisories/GHSA-hqxw-mm44-gc4r
Blast Radius: 17.6
Affected Packages
go:istio.io/istio
Dependent packages: 119Dependent repositories: 149
Downloads:
Affected Version Ranges: = 1.11.0, >= 1.10.0, < 1.10.4, < 1.9.8
Fixed in: 1.11.1, 1.10.4, 1.9.8
All affected versions:
All unaffected versions: