Lucene search
K

5 matches found

NVD
NVD
added 2020/02/12 3:15 p.m.35 views

CVE-2020-8595

Istio versions 1.2.10 End of Life and prior, 1.3 through 1.3.7, and 1.4 through 1.4.3 allows authentication bypass. The Authentication Policy exact-path matching logic can allow unauthorized access to HTTP paths even if they are configured to be only accessed after presenting a valid JWT token. F...

7.5CVSS7.3AI score0.02606EPSS
Exploits1References6
Prion
Prion
added 2020/02/12 3:15 p.m.13 views

Authentication flaw

Istio versions 1.2.10 End of Life and prior, 1.3 through 1.3.7, and 1.4 through 1.4.3 allows authentication bypass. The Authentication Policy exact-path matching logic can allow unauthorized access to HTTP paths even if they are configured to be only accessed after presenting a valid JWT token. F...

7.5CVSS7.2AI score0.02606EPSS
Exploits1References6Affected Software2
CVE
CVE
added 2020/02/12 2:10 p.m.77 views

CVE-2020-8595

CVE-2020-8595 affects Istio: authentication bypass via the Authentication Policy exact-path matching logic in Istio versions 1.2.10 (End of Life) and earlier, 1.3.x up to 1.3.7, and 1.4.x up to 1.4.3. An attacker can gain unauthorized access to HTTP paths configured to require a valid JWT by mani...

7.5CVSS7.2AI score0.02606EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2020/02/12 2:10 p.m.46 views

CVE-2020-8595

Istio versions 1.2.10 End of Life and prior, 1.3 through 1.3.7, and 1.4 through 1.4.3 allows authentication bypass. The Authentication Policy exact-path matching logic can allow unauthorized access to HTTP paths even if they are configured to be only accessed after presenting a valid JWT token. F...

7.3AI score0.02606EPSS
Exploits1References6
OSV
OSV
added 2017/11/20 8:29 p.m.3 views

DEBIAN-CVE-2017-3157

By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user in...

5.5CVSS5.6AI score0.03122EPSS
Exploits0References1
Rows per page
Query Builder