What is the vulnerability ID for the Istio Incorrect Access Control vulnerability?

The vulnerability ID for the Istio Incorrect Access Control vulnerability is CVE-2019-12243.

What is the severity rating of CVE-2019-12243?

The severity rating of CVE-2019-12243 is high with a score of 8.9.

How does the Istio Incorrect Access Control vulnerability affect the software?

The Istio Incorrect Access Control vulnerability affects Istio versions 1.1.x through 1.1.6 and Microsoft Windows Server 2022.

How can I fix the Istio Incorrect Access Control vulnerability?

To fix the Istio Incorrect Access Control vulnerability, upgrade to Istio version 1.1.7 or higher.

Where can I find more information about CVE-2019-12243?

You can find more information about CVE-2019-12243 on the NIST National Vulnerability Database, Istio blog, and GitHub.

Vulnerability/
CVE-2019-12243

high

8.9

CWE

284

5/6/2019

15/2/2022

4/8/2024

CVE-2019-12243

First published: Wed Jun 05 2019(Updated: )

Istio 1.1.x through 1.1.6 has Incorrect Access Control.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
go/istio.io/istio	>=1.1.0<1.1.7	1.1.7
Istio Istio	>=1.1<=1.1.6

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID for the Istio Incorrect Access Control vulnerability?
The vulnerability ID for the Istio Incorrect Access Control vulnerability is CVE-2019-12243.
What is the severity rating of CVE-2019-12243?
The severity rating of CVE-2019-12243 is high with a score of 8.9.
How does the Istio Incorrect Access Control vulnerability affect the software?
The Istio Incorrect Access Control vulnerability affects Istio versions 1.1.x through 1.1.6 and Microsoft Windows Server 2022.
How can I fix the Istio Incorrect Access Control vulnerability?
To fix the Istio Incorrect Access Control vulnerability, upgrade to Istio version 1.1.7 or higher.
Where can I find more information about CVE-2019-12243?
You can find more information about CVE-2019-12243 on the NIST National Vulnerability Database, Istio blog, and GitHub.

collector/github-advisory-latest
alias/GHSA-6g5f-f5pm-mjrg
alias/CVE-2019-12243
collector/github-advisory
agent/author
agent/type
agent/last-modified-date
agent/first-publish-date
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-cve
agent/weakness
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/description
agent/event
collector/mitre-cve
source/MITRE
package-manager/go
vendor/istio
canonical/istio istio
version/istio istio/1.1
version/istio istio/1.1.6

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.