Impact
Istio 1.11.0, 1.10.3 and below, and 1.9.7 and below contain a remotely exploitable vulnerability where an HTTP request with #fragment in the path may bypass Istio’s URI path based authorization policies.
Patches
- Istio 1.11.1 and above
- Istio 1.10.4 and above
- Istio 1.9.8 and above
Workarounds
A Lua filter may be written to normalize the path. This is similar to the Path normalization presented in the Security Best Practices guide.
References
More details can be found in the Istio Security Bulletin
For more information
If you have any questions or comments about this advisory, please email us at istio-security-vulnerability-reports@googlegroups.com
yangminzhu Analyst
Impact
Istio 1.11.0, 1.10.3 and below, and 1.9.7 and below contain a remotely exploitable vulnerability where an HTTP request with
#fragmentin the path may bypass Istio’s URI path based authorization policies.Patches
Workarounds
A Lua filter may be written to normalize the path. This is similar to the Path normalization presented in the Security Best Practices guide.
References
More details can be found in the Istio Security Bulletin
For more information
If you have any questions or comments about this advisory, please email us at istio-security-vulnerability-reports@googlegroups.com