5 matches found
Oracle Linux 7 / 8 : olcne / istio / istio (ELSA-2022-9363)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9363 advisory. - Addresses CVE-2022-24726, CVE-2022-24921 istio Tenable has extracted the preceding description block directly from the Oracle Linux security...
istio: Unauthenticated control plane denial of service attack due to stack exhaustion
A stack exhaustion flaw was found in the Istio control plane. This flaw allows a remote unauthenticated attacker to send a specially crafted or oversized message to crash the control plane process, resulting in a denial of service condition...
istio: unauthenticated control plane denial of service attack
A flaw was found in istio. This flaw allows an attacker to send a specially crafted message to isitiod, causing the control plane to crash...
CVE-2022-24726 Unauthenticated control plane denial of service attack in Istio
Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, istiod, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing when the...
CVE-2022-24726
The CVE-2022-24726 entry affects Istio’s control plane (istiod) where a request processing error in the validating webhook, exposed publicly on TLS port 15017, can crash the control plane when a specially crafted message is processed. Affected versions have been patched in Istio releases 1.13.2, ...