Lucene search
GoogleOSV:CVE-2020-16844HistoryOct 01, 2020 - 5:15 p.m.
CVE-2020-16844
2020-10-0117:15:13
Google
osv.dev
5
istio
authorizationpolicy
access bypass
In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users specify an AuthorizationPolicy resource with DENY actions using wildcard suffixes (e.g. *-some-suffix) for source principals or namespace fields, callers will never be denied access, bypassing the intended policy.
Related
veracode
veracode
Insecure Access Control
2020-08-12 02:11:57
gitlab
gitlab
Authorization bypass in Istio
2022-02-15 00:00:00
Authorization bypass in Istio
2022-02-15 00:00:00
prion
prion
Code injection
2020-10-01 17:15:00
redhatcve
redhatcve
CVE-2020-16844
2020-08-11 19:43:53
osv
osv
Authorization bypass in Istio
2022-02-15 01:57:18
github
github
Authorization bypass in Istio
2022-02-15 01:57:18
nvd
nvd
CVE-2020-16844
2020-10-01 17:15:13
nessus
nessus
RHEL 8 : Red Hat OpenShift Service Mesh 1.1 (RHSA-2020:3425)
2020-08-11 00:00:00
cvelist
cvelist
CVE-2020-16844
2020-10-01 16:32:38
redhat
redhat
cve
cve
CVE-2020-16844
2020-10-01 17:15:13