{"id":"CVE-2021-34824","details":"Istio (1.8.x, 1.9.0-1.9.5 and 1.10.0-1.10.1) contains a remotely exploitable vulnerability where credentials specified in the Gateway and DestinationRule credentialName field can be accessed from different namespaces.","modified":"2026-07-09T01:07:02.087113Z","published":"2021-06-29T14:15:08.500Z","references":[{"type":"ADVISORY","url":"https://github.com/istio/istio/releases"},{"type":"ADVISORY","url":"https://istio.io/latest/news/security/istio-security-2021-007"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/istio/istio","events":[{"introduced":"c87a4c874df27e37a3e6c25fa3d1ef6279685d23"},{"fixed":"889aeb61320f41b3380be6027c3347135d1fa95d"},{"introduced":"d26cba7e341587453ffeb978f5cf6fbc32f346f8"},{"fixed":"25c4362d87b9946d6b59d39bf21c6c8a192d060f"}],"database_specific":{"extracted_events":[{"introduced":"1.8.0"},{"fixed":"1.9.6"},{"introduced":"1.10.0"},{"fixed":"1.10.2"}],"source":"CPE_RANGE","cpe":"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*"}}],"versions":["1.10.1","1.10.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-34824.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}