{"containers": {"cna": {"affected": [{"product": "istio", "vendor": "istio", "versions": [{"status": "affected", "version": ">= 1.13.0, < 1.13.1"}, {"status": "affected", "version": ">= 1.12.0, < 1.12.4"}, {"status": "affected", "version": "< 1.11.7"}]}], "descriptions": [{"lang": "en", "value": "Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, `istiod`, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing. This endpoint is served over TLS port 15012, but does not require any authentication from the attacker. For simple installations, Istiod is typically only reachable from within the cluster, limiting the blast radius. However, for some deployments, especially [multicluster](https://istio.io/latest/docs/setup/install/multicluster/primary-remote/) topologies, this port is exposed over the public internet. There are no effective workarounds, beyond upgrading. Limiting network access to Istiod to the minimal set of clients can help lessen the scope of the vulnerability to some extent."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287: Improper Authentication", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-02-22T22:00:13", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/istio/istio/security/advisories/GHSA-856q-xv3c-7f2f"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/istio/istio/commit/5f3b5ed958ae75156f8656fe7b3794f78e94db84"}, {"tags": ["x_refsource_MISC"], "url": "https://istio.io/latest/news/security/istio-security-2022-003"}], "source": {"advisory": "GHSA-856q-xv3c-7f2f", "discovery": "UNKNOWN"}, "title": "Unauthenticated control plane denial of service attack in Istio", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-23635", "STATE": "PUBLIC", "TITLE": "Unauthenticated control plane denial of service attack in Istio"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "istio", "version": {"version_data": [{"version_value": ">= 1.13.0, < 1.13.1"}, {"version_value": ">= 1.12.0, < 1.12.4"}, {"version_value": "< 1.11.7"}]}}]}, "vendor_name": "istio"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, `istiod`, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing. This endpoint is served over TLS port 15012, but does not require any authentication from the attacker. For simple installations, Istiod is typically only reachable from within the cluster, limiting the blast radius. However, for some deployments, especially [multicluster](https://istio.io/latest/docs/setup/install/multicluster/primary-remote/) topologies, this port is exposed over the public internet. There are no effective workarounds, beyond upgrading. Limiting network access to Istiod to the minimal set of clients can help lessen the scope of the vulnerability to some extent."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-287: Improper Authentication"}]}]}, "references": {"reference_data": [{"name": "https://github.com/istio/istio/security/advisories/GHSA-856q-xv3c-7f2f", "refsource": "CONFIRM", "url": "https://github.com/istio/istio/security/advisories/GHSA-856q-xv3c-7f2f"}, {"name": "https://github.com/istio/istio/commit/5f3b5ed958ae75156f8656fe7b3794f78e94db84", "refsource": "MISC", "url": "https://github.com/istio/istio/commit/5f3b5ed958ae75156f8656fe7b3794f78e94db84"}, {"name": "https://istio.io/latest/news/security/istio-security-2022-003", "refsource": "MISC", "url": "https://istio.io/latest/news/security/istio-security-2022-003"}]}, "source": {"advisory": "GHSA-856q-xv3c-7f2f", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:51:45.891Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/istio/istio/security/advisories/GHSA-856q-xv3c-7f2f"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/istio/istio/commit/5f3b5ed958ae75156f8656fe7b3794f78e94db84"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://istio.io/latest/news/security/istio-security-2022-003"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-23635", "datePublished": "2022-02-22T22:00:13", "dateReserved": "2022-01-19T00:00:00", "dateUpdated": "2024-08-03T03:51:45.891Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F628089-4585-4D6E-9524-F8058D3CAA72", "versionEndExcluding": "1.11.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", "matchCriteriaId": "B682D44E-A685-43A4-80DE-BE04BA1D13AB", "versionEndExcluding": "1.12.4", "versionStartIncluding": "1.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D493CB7-63C8-4B0A-A2F4-5697943803B0", "versionEndExcluding": "1.13.1", "versionStartIncluding": "1.13.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, `istiod`, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing. This endpoint is served over TLS port 15012, but does not require any authentication from the attacker. For simple installations, Istiod is typically only reachable from within the cluster, limiting the blast radius. However, for some deployments, especially [multicluster](https://istio.io/latest/docs/setup/install/multicluster/primary-remote/) topologies, this port is exposed over the public internet. There are no effective workarounds, beyond upgrading. Limiting network access to Istiod to the minimal set of clients can help lessen the scope of the vulnerability to some extent."}, {"lang": "es", "value": "Istio es una plataforma abierta para conectar, gestionar y asegurar microservicios. En las versiones afectadas, el plano de control de Istio, `istiod`, es vulnerable a un error de procesamiento de solicitudes, lo que permite a un atacante malicioso que env\u00ede un mensaje especialmente dise\u00f1ado que resulte en la ca\u00edda del plano de control. Este punto final se sirve a trav\u00e9s del puerto 15012 de TLS, pero no requiere ninguna autenticaci\u00f3n por parte del atacante. Para instalaciones sencillas, Istiod normalmente s\u00f3lo es alcanzable desde dentro del cl\u00faster, limitando el radio de explosi\u00f3n. Sin embargo, para algunos despliegues, especialmente las topolog\u00edas [multicluster](https://istio.io/latest/docs/setup/install/multicluster/primary-remote/), este puerto est\u00e1 expuesto a trav\u00e9s de la Internet p\u00fablica. No hay medidas de mitigaci\u00f3n adicionales efectivas, m\u00e1s all\u00e1 de la actualizaci\u00f3n. Limitar el acceso a la red a Istiod al conjunto m\u00ednimo de clientes puede ayudar a reducir el alcance de la vulnerabilidad hasta cierto punto"}], "id": "CVE-2022-23635", "lastModified": "2023-07-13T16:32:55.903", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-02-22T22:15:07.620", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/istio/istio/commit/5f3b5ed958ae75156f8656fe7b3794f78e94db84"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/istio/istio/security/advisories/GHSA-856q-xv3c-7f2f"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://istio.io/latest/news/security/istio-security-2022-003"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1284"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2022:1276", "cpe": "cpe:/a:redhat:service_mesh:2.0::el8", "package": "servicemesh-0:2.0.9-3.el8", "product_name": "OpenShift Service Mesh 2.0", "release_date": "2022-04-07T00:00:00Z"}, {"advisory": "RHSA-2022:1275", "cpe": "cpe:/a:redhat:service_mesh:2.1::el8", "package": "servicemesh-0:2.1.2-4.el8", "product_name": "OpenShift Service Mesh 2.1", "release_date": "2022-04-07T00:00:00Z"}], "bugzilla": {"description": "istio: unauthenticated control plane denial of service attack", "id": "2057277", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057277"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-287", "details": ["Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, `istiod`, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing. This endpoint is served over TLS port 15012, but does not require any authentication from the attacker. For simple installations, Istiod is typically only reachable from within the cluster, limiting the blast radius. However, for some deployments, especially [multicluster](https://istio.io/latest/docs/setup/install/multicluster/primary-remote/) topologies, this port is exposed over the public internet. There are no effective workarounds, beyond upgrading. Limiting network access to Istiod to the minimal set of clients can help lessen the scope of the vulnerability to some extent.", "A flaw was found in istio. This flaw allows an attacker to send a specially crafted message to isitiod, causing the control plane to crash."], "name": "CVE-2022-23635", "public_date": "2022-02-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-23635\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-23635\nhttps://istio.io/latest/news/security/istio-security-2022-003"], "threat_severity": "Moderate", "upstream_fix": "Istio 1.13.1, Istio 1.12.4, Istio 1.11.7"}