CVE-2026-23766

Medium

Description

Istio through 1.28.2 allows iptables rule injection for changing firewall behavior via the traffic.sidecar.istio.io/excludeInterfaces annotation. NOTE: the reporter's position is "this doesn't represent a security vulnerability (pod creators can already exclude sidecar injection entirely)."

References

https://github.com/istio/istio/pull/58785

https://github.com/istio/istio/issues/58781

Details

Source: Mitre, NVD

Published: 2026-01-15

Updated: 2026-01-15

Risk Information

CVSS v2

Base Score: 2.7

Vector: CVSS2#AV:A/AC:L/Au:S/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 4.1

Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Severity: Medium