Lucene search
+L

istio/istio: HTTP request can bypass authorization mechanisms due to case insensitive host comparison

🗓️ 25 Aug 2021 09:37:49Reported by RedHatType 
redhat
 redhat
🔗 access.redhat.com👁 2 Views

Istio authorization bypass from case insensitive host comparison in host or notHost rules.

Related
Packages
Refs
ReporterTitlePublishedViews
Family
Chainguard
CVE-2021-39155 vulnerabilities
24 Aug 202123:15
cgr
Circl
CVE-2021-39155
25 Aug 202102:37
circl
CNNVD
Istio 安全漏洞
24 Aug 202100:00
cnnvd
CVE
CVE-2021-39155
24 Aug 202122:25
cve
Cvelist
CVE-2021-39155 Authorization Policy Bypass Due to Case Insensitive Host Comparison
24 Aug 202122:25
cvelist
EUVD
EUVD-2021-1611
7 Oct 202500:30
euvd
Github Security Blog
Authorization Policy Bypass Due to Case Insensitive Host Comparison
30 Aug 202116:15
github
GitLab Advisory Database
Improper Handling of Case Sensitivity
30 Aug 202100:00
gitlab
GitLab Advisory Database
Improper Handling of Case Sensitivity
30 Aug 202100:00
gitlab
NVD
CVE-2021-39155
24 Aug 202123:15
nvd
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Red Hat Enterprise Linux8ppc64leservicemesh2.0.7-3.el8servicemesh-2.0.7-3.el8.ppc64le.rpm
Red Hat Enterprise Linux8s390xservicemesh2.0.7-3.el8servicemesh-2.0.7-3.el8.s390x.rpm
Red Hat Enterprise Linux8x86_64servicemesh2.0.7-3.el8servicemesh-2.0.7-3.el8.x86_64.rpm
Red Hat Enterprise Linux8ppc64leservicemesh-istioctl2.0.7-3.el8servicemesh-istioctl-2.0.7-3.el8.ppc64le.rpm
Red Hat Enterprise Linux8s390xservicemesh-istioctl2.0.7-3.el8servicemesh-istioctl-2.0.7-3.el8.s390x.rpm
Red Hat Enterprise Linux8x86_64servicemesh-istioctl2.0.7-3.el8servicemesh-istioctl-2.0.7-3.el8.x86_64.rpm
Red Hat Enterprise Linux8ppc64leservicemesh-mixc2.0.7-3.el8servicemesh-mixc-2.0.7-3.el8.ppc64le.rpm
Red Hat Enterprise Linux8s390xservicemesh-mixc2.0.7-3.el8servicemesh-mixc-2.0.7-3.el8.s390x.rpm
Red Hat Enterprise Linux8x86_64servicemesh-mixc2.0.7-3.el8servicemesh-mixc-2.0.7-3.el8.x86_64.rpm
Red Hat Enterprise Linux8ppc64leservicemesh-mixs2.0.7-3.el8servicemesh-mixs-2.0.7-3.el8.ppc64le.rpm
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

18 Mar 2026 02:07Current
5.8Medium risk
Vulners AI Score5.8
CVSS 25
CVSS 3.17.5 - 8.3
EPSS0.01176
2