CVE-2019-12243

EUVD-2022-0859
Istio 1.1.x through 1.1.6 has Incorrect Access Control.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
ADJACENT_NETWORK
HIGH
NONE
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
Affected Products (NVD)
VendorProductVersion
istioistio
1.1 ≤
𝑥
≤ 1.1.6
𝑥
= Vulnerable software versions
References
https://istio.io/about/notes/
https://istio.io/blog/2019/cve-2019-12243/
https://istio.io/about/notes/
https://istio.io/blog/2019/cve-2019-12243/