PT-2026-3101 · Istio · Istio
Petrmc · Published 2026-01-15 · Updated 2026-01-16 · CVE-2026-23766
CVSS v3.1: 4.1 Medium
Vector: AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Istio versions through 1.28.2
Description
Istio versions through 1.28.2 permit the injection of iptables rules, potentially altering firewall behavior. This is achieved through the traffic.sidecar.istio.io/excludeInterfaces annotation. The reporter notes that this may not represent a security issue, as pod creators can already prevent sidecar injection.
Recommendations
Versions prior to 1.28.3 are affected.
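An audit a cluster operator can run while affected versions are in use, given as an added example that is not part of the advisory or of Istio's code: it flags pods whose traffic.sidecar.istio.io/excludeInterfaces value is anything other than a comma-separated list of interface names. The allowlist pattern, the function names and the sample pods are assumptions constructed for illustration.

```python
import re

ANNOTATION = "traffic.sidecar.istio.io/excludeInterfaces"

# Conservative allowlist (an assumption, stricter than the kernel's own rules):
# 1-15 characters, starts with an alphanumeric, no whitespace or separators.
IFACE_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9_.@-]{0,14}")


def invalid_entries(value):
    """Return the entries of a comma-separated value that are not plain interface names."""
    entries = [e.strip() for e in value.split(",")]
    return [e for e in entries if not IFACE_RE.fullmatch(e)]


def audit_pods(pods):
    """Return (namespace, name, bad_entries) for every pod with a suspicious annotation value."""
    findings = []
    for pod in pods:
        meta = pod.get("metadata", {})
        value = (meta.get("annotations") or {}).get(ANNOTATION)
        if value is None:
            continue  # annotation not set on this pod
        bad = invalid_entries(value)
        if bad:
            findings.append((meta.get("namespace", "default"), meta.get("name", "?"), bad))
    return findings


# Constructed sample input, shaped like the "items" array of `kubectl get pods -A -o json`.
SAMPLE_PODS = [
    {"metadata": {"namespace": "shop", "name": "cart", "annotations": {ANNOTATION: "eth1, net1"}}},
    {"metadata": {"namespace": "shop", "name": "pay", "annotations": {ANNOTATION: "eth1 extra-token"}}},
    {"metadata": {"namespace": "ops", "name": "probe", "annotations": {ANNOTATION: "net1,-dash"}}},
    {"metadata": {"namespace": "ops", "name": "plain"}},
]

if __name__ == "__main__":
    for ns, name, bad in audit_pods(SAMPLE_PODS):
        print(f"{ns}/{name}: unexpected {ANNOTATION} entries: {bad}")
```

The same check can be applied at admission time so that pods carrying a non-conforming value are rejected before they are scheduled.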
Fix
Argument Injection
Weakness Enumeration
Related Identifiers
Affected Products
Istio