Identifier

CVE-2020-16844

Package Slug

go/github.com/istio/istio

Vulnerability

Improper Authentication

Description

In Istio, when users specify an AuthorizationPolicy resource with DENY actions using wildcard suffixes (e.g., *-some-suffix) for source principals or namespace fields, callers will never be denied access, bypassing the intended policy.
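To find policies that depend on the affected matching, the following added example (not part of the advisory or of Istio's code) scans AuthorizationPolicy objects for DENY rules whose source principals or namespaces use a suffix wildcard. It assumes the input has the list shape produced by `kubectl get authorizationpolicy -A -o json`; the function names and the sample policies are constructed for illustration.

```python
# Source fields named in the advisory.
AFFECTED_FIELDS = ("principals", "namespaces")

def is_suffix_wildcard(value):
    """True for '*-some-suffix' style values; a bare '*' is not a suffix match."""
    return isinstance(value, str) and value.startswith("*") and len(value) > 1

def find_affected_rules(policy_list):
    """Return (namespace, name, field, value) for each DENY source match using a suffix wildcard."""
    findings = []
    for item in policy_list.get("items") or []:
        spec = item.get("spec") or {}
        # An omitted action defaults to ALLOW; only DENY policies are affected.
        if spec.get("action", "ALLOW") != "DENY":
            continue
        meta = item.get("metadata") or {}
        for rule in spec.get("rules") or []:
            for peer in rule.get("from") or []:
                source = peer.get("source") or {}
                for field in AFFECTED_FIELDS:
                    for value in source.get(field) or []:
                        if is_suffix_wildcard(value):
                            findings.append(
                                (meta.get("namespace"), meta.get("name"), field, value))
    return findings

def policy(namespace, name, action, source):
    """Build a minimal AuthorizationPolicy object (constructed sample data)."""
    return {"metadata": {"namespace": namespace, "name": name},
            "spec": {"action": action, "rules": [{"from": [{"source": source}]}]}}

# Constructed sample: only the first policy matches the advisory's pattern.
SAMPLE = {"items": [
    policy("prod", "deny-suffix", "DENY",
           {"principals": ["*/sa/legacy-client"], "namespaces": ["*-some-suffix"]}),
    policy("prod", "deny-prefix", "DENY",
           {"principals": ["*"], "namespaces": ["team-*"]}),
    policy("dev", "allow-suffix", "ALLOW",
           {"namespaces": ["*-some-suffix"]}),
]}

if __name__ == "__main__":
    for ns, name, field, value in find_affected_rules(SAMPLE):
        print(f"{ns}/{name}: DENY rule relies on {field}={value!r}")
```

Any policy this reports on a cluster running an affected version is a DENY rule that is not being enforced as written.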

Affected Versions

All versions starting from 1.5.0 up to 1.5.8, all versions starting from 1.6.0 up to 1.6.7

Solution

Upgrade to version 1.6.8 or above.

Last Modified

2020-10-11
