Istio before 1.8.6 and 1.9.x before 1.9.5 contains a remotely exploitable vulnerability where an external client can access unexpected services in the cluster, bypassing authorization checks, when a gateway is configured with AUTO_PASSTHROUGH routing configuration.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-06-02T15:36:41
Updated: 2024-08-03T23:10:31.293Z
Reserved: 2021-04-30T00:00:00
Link: CVE-2021-31921
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-06-02T16:15:08.927
Modified: 2024-11-21T06:06:30.930
Link: CVE-2021-31921
Redhat