Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

ASA-202107-3 - log back

ASA-202107-3 edited at 03 Jul 2021 16:25:57

Workaround

-	This vulnerability can be mitigated by disabling Istiod caching. Caching is disabled by setting an Istiod environment variable PILOT_ENABLE_XDS_CACHE=false. System and Istiod performance may be impacted as this disables XDS caching.
+	This vulnerability can be mitigated by disabling Istiod caching.
+	Caching is disabled by setting an Istiod environment variable
+	PILOT_ENABLE_XDS_CACHE=false. System and Istiod performance may be
+	impacted as this disables XDS caching.

ASA-202107-3 edited at 01 Jul 2021 12:23:11

Workaround

+	This vulnerability can be mitigated by disabling Istiod caching. Caching is disabled by setting an Istiod environment variable PILOT_ENABLE_XDS_CACHE=false. System and Istiod performance may be impacted as this disables XDS caching.

Impact

+	An authorized client could retrieve any TLS certificate and private key cached in Istiod outside of its own namespace.

ASA-202107-3 created at 01 Jul 2021 12:21:55