CVE-2026-31838

Severity: Medium (Red Hat)
CVSS v3 Base Score: 5.3
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Published: March 10, 2026
Last Modified: March 10, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in Istio. This vulnerability in Envoy's Role-Based Access Control (RBAC) header matching could allow an attacker to bypass authorization policies. By crafting requests with multiple header values, an attacker could cause Envoy to misinterpret the header, leading to unauthorized access to protected services.

CWE

CWE-551

Affected Products

cert-manager Operator for Red Hat OpenShift
ExternalDNS Operator
OpenShift Serverless
OpenShift Service Mesh 2
OpenShift Service Mesh 3
Red Hat Ansible Automation Platform 2
Red Hat Connectivity Link 1
Red Hat OpenShift AI (RHOAI)
