CVE-2021-34824

CVSS v3.1 8.8 (High)

CVSS v2.0 6.5 (Medium)

EPSS 0.10 % (43^th)

Affected Products 1

Advisories 5

Istio (1.8.x, 1.9.0-1.9.5 and 1.10.0-1.10.1) contains a remotely exploitable vulnerability where credentials specified in the Gateway and DestinationRule credentialName field can be accessed from different namespaces.

Weaknesses

CWE-NVD-noinfo

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2021-06-29 14:15:08
(3 years ago)
Updated Date: 2022-07-12 17:42:04
(2 years ago)

Affected Products

Istio

Istio

Configuration #1

		CPE23	From	Up To
	Istio from 1.8.0 version and prior 1.9.6 version	cpe:2.3:a:istio:istio	>= 1.8.0	< 1.9.6
	Istio from 1.10.0 version and prior 1.10.2 version	cpe:2.3:a:istio:istio	>= 1.10.0	< 1.10.2