istio-pilot-discovery-1.21
1.21.3-r0
8.1
CVSS V3
Istio Fragments in Path May Lead to Authorization Policy Bypass
Istio 1.11.0, 1.10.3 and below, and 1.9.7 and below contain a remotely exploitable vulnerability where an HTTP request with #fragment
in the path may bypass Istio’s URI path based authorization policies.
A Lua filter may be written to normalize the path. This is similar to the Path normalization presented in the Security Best Practices guide.
More details can be found in the Istio Security Bulletin
If you have any questions or comments about this advisory, please email us at istio-security-vulnerability-reports@googlegroups.com