CVE-2020-8843 Information

Description

An issue was discovered in Istio 1.3 through 1.3.6. Under certain circumstances it is possible to bypass a specifically configured Mixer policy. Istio-proxy accepts the x-istio-attributes header at ingress that can be used to affect policy decisions when Mixer policy selectively applies to a source equal to ingress. To exploit this vulnerability someone has to encode a source.uid in this header. This feature is disabled by default in Istio 1.3 and 1.4.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Reference

https://github.com/istio/istio/commits/master https://istio.io/news/security/ https://istio.io/news/security/istio-security-2020-002/

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

NONE

Base Severity

7.4