Vulnerabilities related to hashicorp - consul
cve-2022-24687
Vulnerability from cvelistv5
Published
2022-02-24 15:37
Modified
2024-08-03 04:20
Severity ?
Summary
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at least one Ingress Gateway allow a user with service:write to register a specifically-defined service that can cause Consul servers to panic. Fixed in 1.9.15, 1.10.8, and 1.11.3.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T04:20:49.839Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2022-05-consul-ingress-gateway-panic-can-shutdown-servers/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20220331-0006/",
               },
               {
                  name: "GLSA-202208-09",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202208-09",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at least one Ingress Gateway allow a user with service:write to register a specifically-defined service that can cause Consul servers to panic. Fixed in 1.9.15, 1.10.8, and 1.11.3.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-10T23:33:50",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://discuss.hashicorp.com",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://discuss.hashicorp.com/t/hcsec-2022-05-consul-ingress-gateway-panic-can-shutdown-servers/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20220331-0006/",
            },
            {
               name: "GLSA-202208-09",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202208-09",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2022-24687",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at least one Ingress Gateway allow a user with service:write to register a specifically-defined service that can cause Consul servers to panic. Fixed in 1.9.15, 1.10.8, and 1.11.3.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://discuss.hashicorp.com",
                     refsource: "MISC",
                     url: "https://discuss.hashicorp.com",
                  },
                  {
                     name: "https://discuss.hashicorp.com/t/hcsec-2022-05-consul-ingress-gateway-panic-can-shutdown-servers/",
                     refsource: "MISC",
                     url: "https://discuss.hashicorp.com/t/hcsec-2022-05-consul-ingress-gateway-panic-can-shutdown-servers/",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20220331-0006/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20220331-0006/",
                  },
                  {
                     name: "GLSA-202208-09",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202208-09",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-24687",
      datePublished: "2022-02-24T15:37:51",
      dateReserved: "2022-02-09T00:00:00",
      dateUpdated: "2024-08-03T04:20:49.839Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-36213
Vulnerability from cvelistv5
Published
2021-07-17 17:32
Modified
2024-08-04 00:54
Severity ?
Summary
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T00:54:50.693Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.hashicorp.com/blog/category/consul",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2021-16-consul-s-application-aware-intentions-deny-action-fails-open-when-combined-with-default-deny-policy/26855",
               },
               {
                  name: "GLSA-202208-09",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202208-09",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-10T05:08:41",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.hashicorp.com/blog/category/consul",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://discuss.hashicorp.com/t/hcsec-2021-16-consul-s-application-aware-intentions-deny-action-fails-open-when-combined-with-default-deny-policy/26855",
            },
            {
               name: "GLSA-202208-09",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202208-09",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-36213",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.hashicorp.com/blog/category/consul",
                     refsource: "MISC",
                     url: "https://www.hashicorp.com/blog/category/consul",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
                  },
                  {
                     name: "https://discuss.hashicorp.com/t/hcsec-2021-16-consul-s-application-aware-intentions-deny-action-fails-open-when-combined-with-default-deny-policy/26855",
                     refsource: "CONFIRM",
                     url: "https://discuss.hashicorp.com/t/hcsec-2021-16-consul-s-application-aware-intentions-deny-action-fails-open-when-combined-with-default-deny-policy/26855",
                  },
                  {
                     name: "GLSA-202208-09",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202208-09",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-36213",
      datePublished: "2021-07-17T17:32:36",
      dateReserved: "2021-07-07T00:00:00",
      dateUpdated: "2024-08-04T00:54:50.693Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-12291
Vulnerability from cvelistv5
Published
2019-06-06 16:35
Modified
2024-08-04 23:17
Severity ?
Summary
HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Keys not matching a specific ACL rule used for prefix matching in a policy can be deleted by a token using that policy even with default deny settings configured.
References
https://github.com/hashicorp/consul/issues/5888 (x_refsource_CONFIRM)
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T23:17:39.422Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/issues/5888",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2019-05-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Keys not matching a specific ACL rule used for prefix matching in a policy can be deleted by a token using that policy even with default deny settings configured.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-06-07T13:29:41",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/issues/5888",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-12291",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Keys not matching a specific ACL rule used for prefix matching in a policy can be deleted by a token using that policy even with default deny settings configured.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/hashicorp/consul/issues/5888",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/issues/5888",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-12291",
      datePublished: "2019-06-06T16:35:38",
      dateReserved: "2019-05-22T00:00:00",
      dateUpdated: "2024-08-04T23:17:39.422Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2018-19653
Vulnerability from cvelistv5
Published
2018-12-09 19:00
Modified
2024-08-05 11:44
Severity ?
Summary
HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the verify_outgoing setting is improperly documented. NOTE: the vendor has provided reconfiguration steps that do not require a software upgrade.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T11:44:20.263Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://groups.google.com/forum/#%21topic/consul-tool/7TCw06oio0I",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/pull/5069",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2018-12-09T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the verify_outgoing setting is improperly documented. NOTE: the vendor has provided reconfiguration steps that do not require a software upgrade.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-12-09T19:57:02",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://groups.google.com/forum/#%21topic/consul-tool/7TCw06oio0I",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/hashicorp/consul/pull/5069",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2018-19653",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the verify_outgoing setting is improperly documented. NOTE: the vendor has provided reconfiguration steps that do not require a software upgrade.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://groups.google.com/forum/#!topic/consul-tool/7TCw06oio0I",
                     refsource: "MISC",
                     url: "https://groups.google.com/forum/#!topic/consul-tool/7TCw06oio0I",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/pull/5069",
                     refsource: "MISC",
                     url: "https://github.com/hashicorp/consul/pull/5069",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2018-19653",
      datePublished: "2018-12-09T19:00:00",
      dateReserved: "2018-11-28T00:00:00",
      dateUpdated: "2024-08-05T11:44:20.263Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-28053
Vulnerability from cvelistv5
Published
2020-11-23 13:11
Modified
2024-08-04 16:33
Severity ?
Summary
HashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed operators with operator:read ACL permissions to read the Connect CA private key configuration. Fixed in 1.6.10, 1.7.10, and 1.8.6.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T16:33:56.879Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.hashicorp.com/blog/category/consul",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#186-november-19-2020",
               },
               {
                  name: "GLSA-202208-09",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202208-09",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed operators with operator:read ACL permissions to read the Connect CA private key configuration. Fixed in 1.6.10, 1.7.10, and 1.8.6.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-10T05:09:33",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.hashicorp.com/blog/category/consul",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#186-november-19-2020",
            },
            {
               name: "GLSA-202208-09",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202208-09",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-28053",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed operators with operator:read ACL permissions to read the Connect CA private key configuration. Fixed in 1.6.10, 1.7.10, and 1.8.6.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.hashicorp.com/blog/category/consul",
                     refsource: "MISC",
                     url: "https://www.hashicorp.com/blog/category/consul",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#186-november-19-2020",
                     refsource: "MISC",
                     url: "https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#186-november-19-2020",
                  },
                  {
                     name: "GLSA-202208-09",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202208-09",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-28053",
      datePublished: "2020-11-23T13:11:27",
      dateReserved: "2020-11-02T00:00:00",
      dateUpdated: "2024-08-04T16:33:56.879Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-29153
Vulnerability from cvelistv5
Published
2022-04-19 00:00
Modified
2024-08-03 06:10
Severity ?
Summary
HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T06:10:59.268Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/38393",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20220602-0005/",
               },
               {
                  name: "GLSA-202208-09",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202208-09",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/",
               },
               {
                  name: "FEDORA-2022-7e327a20be",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBODKZL7HQE5XXS3SA2VIDVL4LAA5RWH/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-12-26T00:00:00",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://discuss.hashicorp.com",
            },
            {
               url: "https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/38393",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20220602-0005/",
            },
            {
               name: "GLSA-202208-09",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://security.gentoo.org/glsa/202208-09",
            },
            {
               url: "https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/",
            },
            {
               name: "FEDORA-2022-7e327a20be",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBODKZL7HQE5XXS3SA2VIDVL4LAA5RWH/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-29153",
      datePublished: "2022-04-19T00:00:00",
      dateReserved: "2022-04-13T00:00:00",
      dateUpdated: "2024-08-03T06:10:59.268Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-12797
Vulnerability from cvelistv5
Published
2020-06-11 19:37
Modified
2024-08-04 12:04
Summary
HashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to non-propagation to secondary data centers. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T12:04:22.912Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/pull/8047",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2020-06-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to non-propagation to secondary data centers. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-06-11T19:37:19",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/pull/8047",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-12797",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to non-propagation to secondary data centers. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/pull/8047",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/pull/8047",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-12797",
      datePublished: "2020-06-11T19:37:19",
      dateReserved: "2020-05-12T00:00:00",
      dateUpdated: "2024-08-04T12:04:22.912Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-9764
Vulnerability from cvelistv5
Published
2019-03-26 13:05
Modified
2024-08-04 22:01
Summary
HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In other words, the product behaves as if verify_server_hostname were set to false, even when it is actually set to true. This is fixed in 1.4.4.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T22:01:54.083Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/issues/5519",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In other words, the product behaves as if verify_server_hostname were set to false, even when it is actually set to true. This is fixed in 1.4.4.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-03-26T13:05:51",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/hashicorp/consul/issues/5519",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-9764",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In other words, the product behaves as if verify_server_hostname were set to false, even when it is actually set to true. This is fixed in 1.4.4.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/hashicorp/consul/issues/5519",
                     refsource: "MISC",
                     url: "https://github.com/hashicorp/consul/issues/5519",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-9764",
      datePublished: "2019-03-26T13:05:51",
      dateReserved: "2019-03-14T00:00:00",
      dateUpdated: "2024-08-04T22:01:54.083Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-0845
Vulnerability from cvelistv5
Published
2023-03-09 15:14
Modified
2025-02-13 16:39
Summary
Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5.
Impacted products
Vendor Product Version
HashiCorp Consul Version: 1.14.0
Version: 1.14.1
Version: 1.14.2
Version: 1.14.3
Version: 1.14.4
   HashiCorp Consul Enterprise Version: 1.14.0
Version: 1.14.1
Version: 1.14.2
Version: 1.14.3
Version: 1.14.4


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T05:24:34.464Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2023-06-consul-server-panic-when-ingress-and-api-gateways-configured-with-peering-connections/51197",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul",
               repo: "https://github.com/hashicorp/consul",
               vendor: "HashiCorp",
               versions: [
                  {
                     status: "affected",
                     version: "1.14.0",
                  },
                  {
                     status: "affected",
                     version: "1.14.1",
                  },
                  {
                     status: "affected",
                     version: "1.14.2",
                  },
                  {
                     status: "affected",
                     version: "1.14.3",
                  },
                  {
                     status: "affected",
                     version: "1.14.4",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul Enterprise",
               vendor: "HashiCorp",
               versions: [
                  {
                     status: "affected",
                     version: "1.14.0",
                  },
                  {
                     status: "affected",
                     version: "1.14.1",
                  },
                  {
                     status: "affected",
                     version: "1.14.2",
                  },
                  {
                     status: "affected",
                     version: "1.14.3",
                  },
                  {
                     status: "affected",
                     version: "1.14.4",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "To exploit this vulnerability, an attacker requires access to an ACL token with service:write permissions, and there needs to be at least one running ingress or API gateway that is configured to route traffic to an upstream service.",
                  },
               ],
               value: "Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-113",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-113: Interface Manipulation",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 4.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-476",
                     description: "CWE-476: Null Pointer Dereference",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-09-15T20:06:19.253Z",
            orgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
            shortName: "HashiCorp",
         },
         references: [
            {
               url: "https://discuss.hashicorp.com/t/hcsec-2023-06-consul-server-panic-when-ingress-and-api-gateways-configured-with-peering-connections/51197",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/",
            },
         ],
         source: {
            discovery: "INTERNAL",
         },
         title: "Consul Server Panic when Ingress and API Gateways Configured with Peering",
      },
   },
   cveMetadata: {
      assignerOrgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
      assignerShortName: "HashiCorp",
      cveId: "CVE-2023-0845",
      datePublished: "2023-03-09T15:14:26.581Z",
      dateReserved: "2023-02-15T15:53:44.942Z",
      dateUpdated: "2025-02-13T16:39:09.453Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-3518
Vulnerability from cvelistv5
Published
2023-08-09 15:06
Modified
2024-10-08 14:56
Summary
HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1.
Impacted products


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T06:55:03.386Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2023-25-consul-jwt-auth-in-l7-intentions-allow-for-mismatched-service-identity-and-jwt-providers/57004",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-3518",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-08T14:42:29.313810Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-08T14:56:28.934Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul",
               repo: "https://github.com/hashicorp/consul",
               vendor: "HashiCorp",
               versions: [
                  {
                     status: "affected",
                     version: "1.16.0",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul Enterprise",
               repo: "https://github.com/hashicorp/consul",
               vendor: "HashiCorp",
               versions: [
                  {
                     status: "affected",
                     version: "1.16.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "<p>HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1.</p><br/>",
                  },
               ],
               value: "HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-1",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-266",
                     description: "CWE-266: Incorrect Privilege Assignment",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-26T21:02:13.649Z",
            orgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
            shortName: "HashiCorp",
         },
         references: [
            {
               url: "https://discuss.hashicorp.com/t/hcsec-2023-25-consul-jwt-auth-in-l7-intentions-allow-for-mismatched-service-identity-and-jwt-providers/57004",
            },
         ],
         source: {
            advisory: "HCSEC-2023-25",
            discovery: "INTERNAL",
         },
         title: "JWT Auth in L7 Intentions Allow For Mismatched Service Identity and JWT Providers for Access",
      },
   },
   cveMetadata: {
      assignerOrgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
      assignerShortName: "HashiCorp",
      cveId: "CVE-2023-3518",
      datePublished: "2023-08-09T15:06:52.406Z",
      dateReserved: "2023-07-05T21:02:24.890Z",
      dateUpdated: "2024-10-08T14:56:28.934Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-5332
Vulnerability from cvelistv5
Published
2023-12-04 06:30
Modified
2024-10-03 06:23
Summary
A patch in the third-party library Consul requires 'enable-script-checks' to be set to False. This setting was required to enable the vendor's patch; without it, the patch could be bypassed. This only affects GitLab-EE.
Impacted products
Vendor Product Version
GitLab GitLab Version: 9.5.0   
Version: 16.3.0   
Version: 16.4   
    cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T07:52:08.548Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "GitLab Issue #8171",
                  tags: [
                     "issue-tracking",
                     "x_transferred",
                  ],
                  url: "https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8171",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.hashicorp.com/blog/protecting-consul-from-rce-risk-in-specific-configurations",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               cpes: [
                  "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "GitLab",
               repo: "git://git@gitlab.com:gitlab-org/gitlab.git",
               vendor: "GitLab",
               versions: [
                  {
                     lessThan: "16.2.8",
                     status: "affected",
                     version: "9.5.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "16.3.5",
                     status: "affected",
                     version: "16.3.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "16.4.1",
                     status: "affected",
                     version: "16.4",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "This issue was reported internally.",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Patch in third party library Consul requires 'enable-script-checks' to be set to False. This was required to enable a patch by the vendor. Without this setting the patch could be bypassed. This only affects GitLab-EE.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-1395",
                     description: "CWE-1395: Dependency on Vulnerable Third-Party Component",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-03T06:23:16.051Z",
            orgId: "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
            shortName: "GitLab",
         },
         references: [
            {
               name: "GitLab Issue #8171",
               tags: [
                  "issue-tracking",
               ],
               url: "https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8171",
            },
            {
               url: "https://www.hashicorp.com/blog/protecting-consul-from-rce-risk-in-specific-configurations",
            },
         ],
         solutions: [
            {
               lang: "en",
               value: "Upgrade to versions 16.2.8, 16.3.5, 16.4.1 or above.",
            },
         ],
         title: "Dependency on Vulnerable Third-Party Component in GitLab",
      },
   },
   cveMetadata: {
      assignerOrgId: "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
      assignerShortName: "GitLab",
      cveId: "CVE-2023-5332",
      datePublished: "2023-12-04T06:30:33.856Z",
      dateReserved: "2023-10-02T12:01:25.316Z",
      dateUpdated: "2024-10-03T06:23:16.051Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-41803
Vulnerability from cvelistv5
Published
2022-09-23 00:00
Modified
2024-08-04 03:22
Summary
HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T03:22:24.351Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.hashicorp.com/blog/category/consul",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2022-19-consul-auto-config-jwt-authorization-missing-input-validation/44627",
               },
               {
                  name: "FEDORA-2023-9f5f1ef40a",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/",
               },
               {
                  name: "FEDORA-2023-cf3551046d",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/",
               },
               {
                  name: "FEDORA-2023-b9c1d0e4c5",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2.\"",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-09-15T20:06:23.780861",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://www.hashicorp.com/blog/category/consul",
            },
            {
               url: "https://discuss.hashicorp.com/t/hcsec-2022-19-consul-auto-config-jwt-authorization-missing-input-validation/44627",
            },
            {
               name: "FEDORA-2023-9f5f1ef40a",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/",
            },
            {
               name: "FEDORA-2023-cf3551046d",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/",
            },
            {
               name: "FEDORA-2023-b9c1d0e4c5",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-41803",
      datePublished: "2022-09-23T00:00:00",
      dateReserved: "2021-09-29T00:00:00",
      dateUpdated: "2024-08-04T03:22:24.351Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-1297
Vulnerability from cvelistv5
Published
2023-06-02 22:48
Modified
2025-01-08 17:51
Summary
Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with a service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5 and 1.15.3.
Impacted products
Vendor Product Version
HashiCorp Consul Version: 1.14.0    1.14.5
Version: 1.15.0    1.15.3
   HashiCorp Consul Enterprise Version: 1.14.0    1.14.5
Version: 1.15.0    1.15.3


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T05:41:00.070Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2023-15-consul-cluster-peering-can-result-in-denial-of-service/54515",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-1297",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-01-08T17:50:24.766676Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-01-08T17:51:02.037Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul",
               repo: "https://github.com/hashicorp/consul",
               vendor: "HashiCorp",
               versions: [
                  {
                     lessThanOrEqual: "1.14.5",
                     status: "affected",
                     version: "1.14.0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "1.15.3",
                     status: "affected",
                     version: "1.15.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul Enterprise",
               vendor: "HashiCorp",
               versions: [
                  {
                     lessThanOrEqual: "1.14.5",
                     status: "affected",
                     version: "1.14.0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "1.15.3",
                     status: "affected",
                     version: "1.15.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "To exploit this vulnerability, an attacker requires access to an ACL token with service:write permissions in a cluster that uses cluster peering.",
                  },
               ],
               value: "Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5, and 1.15.3",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-176",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-176: Configuration/Environment Manipulation",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 4.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-826",
                     description: "CWE-826: Premature Release of Resource During Expected Lifetime",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-06-02T22:48:28.938Z",
            orgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
            shortName: "HashiCorp",
         },
         references: [
            {
               url: "https://discuss.hashicorp.com/t/hcsec-2023-15-consul-cluster-peering-can-result-in-denial-of-service/54515",
            },
         ],
         source: {
            discovery: "INTERNAL",
         },
         title: " Consul Cluster Peering can Result in Denial of Service",
      },
   },
   cveMetadata: {
      assignerOrgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
      assignerShortName: "HashiCorp",
      cveId: "CVE-2023-1297",
      datePublished: "2023-06-02T22:48:28.938Z",
      dateReserved: "2023-03-09T18:51:51.406Z",
      dateUpdated: "2025-01-08T17:51:02.037Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-3121
Vulnerability from cvelistv5
Published
2021-01-11 05:57
Modified
2024-08-03 16:45
Summary
An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T16:45:51.251Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
               },
               {
                  name: "[pulsar-commits] 20210121 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e%40%3Ccommits.pulsar.apache.org%3E",
               },
               {
                  name: "[pulsar-commits] 20210122 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44%40%3Ccommits.pulsar.apache.org%3E",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20210219-0006/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025",
               },
               {
                  name: "[skywalking-notifications] 20211018 [GitHub] [skywalking-swck] hanahmily opened a new pull request #37: Fix vulnerabilities",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff%40%3Cnotifications.skywalking.apache.org%3E",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-10-18T05:06:11",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
            },
            {
               name: "[pulsar-commits] 20210121 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e%40%3Ccommits.pulsar.apache.org%3E",
            },
            {
               name: "[pulsar-commits] 20210122 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44%40%3Ccommits.pulsar.apache.org%3E",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20210219-0006/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025",
            },
            {
               name: "[skywalking-notifications] 20211018 [GitHub] [skywalking-swck] hanahmily opened a new pull request #37: Fix vulnerabilities",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff%40%3Cnotifications.skywalking.apache.org%3E",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-3121",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc",
                     refsource: "MISC",
                     url: "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc",
                  },
                  {
                     name: "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
                     refsource: "MISC",
                     url: "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
                  },
                  {
                     name: "[pulsar-commits] 20210121 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
                  },
                  {
                     name: "[pulsar-commits] 20210122 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20210219-0006/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20210219-0006/",
                  },
                  {
                     name: "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025",
                     refsource: "MISC",
                     url: "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025",
                  },
                  {
                     name: "[skywalking-notifications] 20211018 [GitHub] [skywalking-swck] hanahmily opened a new pull request #37: Fix vulnerabilities",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-3121",
      datePublished: "2021-01-11T05:57:18",
      dateReserved: "2021-01-11T00:00:00",
      dateUpdated: "2024-08-03T16:45:51.251Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-25201
Vulnerability from cvelistv5
Published
2020-11-04 22:32
Modified
2024-08-04 15:33
Summary
HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T15:33:05.268Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.hashicorp.com/blog/category/consul",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#185-october-23-2020",
               },
               {
                  name: "GLSA-202208-09",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202208-09",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-10T05:09:08",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.hashicorp.com/blog/category/consul",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#185-october-23-2020",
            },
            {
               name: "GLSA-202208-09",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202208-09",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-25201",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.hashicorp.com/blog/category/consul",
                     refsource: "MISC",
                     url: "https://www.hashicorp.com/blog/category/consul",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#185-october-23-2020",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#185-october-23-2020",
                  },
                  {
                     name: "GLSA-202208-09",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202208-09",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-25201",
      datePublished: "2020-11-04T22:32:10",
      dateReserved: "2020-09-04T00:00:00",
      dateUpdated: "2024-08-04T15:33:05.268Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-13250
Vulnerability from cvelistv5
Published
2020-06-11 19:16
Modified
2024-08-04 12:11
Summary
HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service. Fixed in 1.6.6 and 1.7.4.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T12:11:19.467Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/pull/8023",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2020-06-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service. Fixed in 1.6.6 and 1.7.4.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-06-11T19:16:12",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/pull/8023",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-13250",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service. Fixed in 1.6.6 and 1.7.4.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/hashicorp/consul/pull/8023",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/pull/8023",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-13250",
      datePublished: "2020-06-11T19:16:12",
      dateReserved: "2020-05-20T00:00:00",
      dateUpdated: "2024-08-04T12:11:19.467Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-38698
Vulnerability from cvelistv5
Published
2021-09-07 11:45
Modified
2024-08-04 01:51
Summary
HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. Fixed in 1.8.15, 1.9.9 and 1.10.2.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:51:19.213Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.hashicorp.com/blog/category/consul",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2021-24-consul-missing-authorization-check-on-txn-apply-endpoint/29026",
               },
               {
                  name: "GLSA-202208-09",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202208-09",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. Fixed in 1.8.15, 1.9.9 and 1.10.2.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-10T05:07:52",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.hashicorp.com/blog/category/consul",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://discuss.hashicorp.com/t/hcsec-2021-24-consul-missing-authorization-check-on-txn-apply-endpoint/29026",
            },
            {
               name: "GLSA-202208-09",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202208-09",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-38698",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. Fixed in 1.8.15, 1.9.9 and 1.10.2.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.hashicorp.com/blog/category/consul",
                     refsource: "MISC",
                     url: "https://www.hashicorp.com/blog/category/consul",
                  },
                  {
                     name: "https://discuss.hashicorp.com/t/hcsec-2021-24-consul-missing-authorization-check-on-txn-apply-endpoint/29026",
                     refsource: "MISC",
                     url: "https://discuss.hashicorp.com/t/hcsec-2021-24-consul-missing-authorization-check-on-txn-apply-endpoint/29026",
                  },
                  {
                     name: "GLSA-202208-09",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202208-09",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-38698",
      datePublished: "2021-09-07T11:45:14",
      dateReserved: "2021-08-14T00:00:00",
      dateUpdated: "2024-08-04T01:51:19.213Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-2816
Vulnerability from cvelistv5
Published
2023-06-02 22:43
Modified
2024-10-07 20:12
Summary
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies.
Impacted products
Vendor Product Version
HashiCorp Consul Version: 1.15.0
Version: 1.15.1
Version: 1.15.2
   HashiCorp Consul Enterprise Version: 1.15.0
Version: 1.15.1
Version: 1.15.2


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:hashicorp:consul:1.15.0:*:*:*:-:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "consul",
                  vendor: "hashicorp",
                  versions: [
                     {
                        lessThanOrEqual: "1.15.2",
                        status: "affected",
                        version: "1.15.0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:hashicorp:consul:1.15.0:*:*:*:enterprise:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "consul",
                  vendor: "hashicorp",
                  versions: [
                     {
                        lessThanOrEqual: "1.15.2",
                        status: "affected",
                        version: "1.15.0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-2816",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-07T20:11:32.907747Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-07T20:12:01.627Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T06:33:05.672Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2023-16-consul-envoy-extension-downstream-proxy-configuration-by-upstream-service-owner/54525",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul",
               repo: "https://github.com/hashicorp/consul",
               vendor: "HashiCorp",
               versions: [
                  {
                     status: "affected",
                     version: "1.15.0",
                  },
                  {
                     status: "affected",
                     version: "1.15.1",
                  },
                  {
                     status: "affected",
                     version: "1.15.2",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul Enterprise",
               repo: "https://github.com/hashicorp/consul",
               vendor: "HashiCorp",
               versions: [
                  {
                     status: "affected",
                     version: "1.15.0",
                  },
                  {
                     status: "affected",
                     version: "1.15.1",
                  },
                  {
                     status: "affected",
                     version: "1.15.2",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "<p>Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies.</p><br/>",
                  },
               ],
               value: "Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-113",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-113: Interface Manipulation",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 8.7,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-266",
                     description: "CWE-266: Incorrect Privilege Assignment",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-26T18:59:27.367Z",
            orgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
            shortName: "HashiCorp",
         },
         references: [
            {
               url: "https://discuss.hashicorp.com/t/hcsec-2023-16-consul-envoy-extension-downstream-proxy-configuration-by-upstream-service-owner/54525",
            },
         ],
         source: {
            advisory: "HCSEC-2023-16",
            discovery: "INTERNAL",
         },
         title: "Consul Envoy Extension Downstream Proxy Configuration By Upstream Service Owner",
      },
   },
   cveMetadata: {
      assignerOrgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
      assignerShortName: "HashiCorp",
      cveId: "CVE-2023-2816",
      datePublished: "2023-06-02T22:43:34.553Z",
      dateReserved: "2023-05-19T18:11:06.618Z",
      dateUpdated: "2024-10-07T20:12:01.627Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-8336
Vulnerability from cvelistv5
Published
2019-03-05 23:00
Modified
2024-08-04 21:17
Summary
HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters, because a token with literally "<hidden>" as its secret is used in unusual circumstances.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T21:17:31.211Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/issues/5423",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2019-03-05T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters, because a token with literally \"<hidden>\" as its secret is used in unusual circumstances.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-03-05T23:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/hashicorp/consul/issues/5423",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-8336",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters, because a token with literally \"<hidden>\" as its secret is used in unusual circumstances.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/hashicorp/consul/issues/5423",
                     refsource: "MISC",
                     url: "https://github.com/hashicorp/consul/issues/5423",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-8336",
      datePublished: "2019-03-05T23:00:00",
      dateReserved: "2019-02-13T00:00:00",
      dateUpdated: "2024-08-04T21:17:31.211Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-37219
Vulnerability from cvelistv5
Published
2021-09-07 11:33
Modified
2024-08-04 01:16
Summary
HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:16:03.813Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.hashicorp.com/blog/category/consul",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2021-22-consul-raft-rpc-privilege-escalation/29024",
               },
               {
                  name: "GLSA-202207-01",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202207-01",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-01T20:08:30",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.hashicorp.com/blog/category/consul",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://discuss.hashicorp.com/t/hcsec-2021-22-consul-raft-rpc-privilege-escalation/29024",
            },
            {
               name: "GLSA-202207-01",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202207-01",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-37219",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.hashicorp.com/blog/category/consul",
                     refsource: "MISC",
                     url: "https://www.hashicorp.com/blog/category/consul",
                  },
                  {
                     name: "https://discuss.hashicorp.com/t/hcsec-2021-22-consul-raft-rpc-privilege-escalation/29024",
                     refsource: "MISC",
                     url: "https://discuss.hashicorp.com/t/hcsec-2021-22-consul-raft-rpc-privilege-escalation/29024",
                  },
                  {
                     name: "GLSA-202207-01",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202207-01",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-37219",
      datePublished: "2021-09-07T11:33:26",
      dateReserved: "2021-07-21T00:00:00",
      dateUpdated: "2024-08-04T01:16:03.813Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-13170
Vulnerability from cvelistv5
Published
2020-06-11 19:41
Modified
2024-08-04 12:11
Summary
HashiCorp Consul and Consul Enterprise did not appropriately enforce scope for local tokens issued by a primary data center, where replication to a secondary data center was not enabled. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T12:11:19.316Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/pull/8068",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2020-06-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise did not appropriately enforce scope for local tokens issued by a primary data center, where replication to a secondary data center was not enabled. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-06-11T19:41:25",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/pull/8068",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-13170",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul and Consul Enterprise did not appropriately enforce scope for local tokens issued by a primary data center, where replication to a secondary data center was not enabled. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/pull/8068",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/pull/8068",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-13170",
      datePublished: "2020-06-11T19:41:25",
      dateReserved: "2020-05-19T00:00:00",
      dateUpdated: "2024-08-04T12:11:19.316Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-10086
Vulnerability from cvelistv5
Published
2024-10-30 21:21
Modified
2025-01-10 13:06
Summary
A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and leading to reflected XSS.
Impacted products


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-10086",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-31T13:49:16.403136Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-31T13:49:28.120Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2025-01-10T13:06:42.658Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "https://security.netapp.com/advisory/ntap-20250110-0006/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul",
               repo: "https://github.com/hashicorp/consul",
               vendor: "HashiCorp",
               versions: [
                  {
                     lessThan: "1.20.0",
                     status: "affected",
                     version: "1.4.1",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul Enterprise",
               repo: "https://github.com/hashicorp/consul",
               vendor: "HashiCorp",
               versions: [
                  {
                     changes: [
                        {
                           at: "1.19.3",
                           status: "unaffected",
                        },
                        {
                           at: "1.18.5",
                           status: "unaffected",
                        },
                        {
                           at: "1.15.15",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "1.20.0",
                     status: "affected",
                     version: "1.4.1",
                     versionType: "semver",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "<p>A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.</p><br/>",
                  },
               ],
               value: "A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-63",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-63: Cross-Site Scripting (XSS)",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79: Improper Neutralization of Input During Web Page Generation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-30T21:21:46.559Z",
            orgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
            shortName: "HashiCorp",
         },
         references: [
            {
               url: "https://discuss.hashicorp.com/t/hcsec-2024-24-consul-vulnerable-to-reflected-xss-on-content-type-error-manipulation",
            },
         ],
         source: {
            advisory: "HCSEC-2024-24",
            discovery: "EXTERNAL",
         },
         title: "Consul Vulnerable To Reflected XSS On Content-Type Error Manipulation",
      },
   },
   cveMetadata: {
      assignerOrgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
      assignerShortName: "HashiCorp",
      cveId: "CVE-2024-10086",
      datePublished: "2024-10-30T21:21:46.559Z",
      dateReserved: "2024-10-17T15:23:28.133Z",
      dateUpdated: "2025-01-10T13:06:42.658Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-10006
Vulnerability from cvelistv5
Published
2024-10-30 21:20
Modified
2025-01-10 13:06
Summary
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header-based access rules.
Impacted products


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:hashicorp:consul:-:*:*:*:enterprise:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "consul",
                  vendor: "hashicorp",
                  versions: [
                     {
                        lessThan: "1.20.1",
                        status: "affected",
                        version: "1.9.0",
                        versionType: "semver",
                     },
                     {
                        status: "unaffected",
                        version: "1.19.3",
                     },
                     {
                        status: "unaffected",
                        version: "1.18.5",
                     },
                     {
                        status: "unaffected",
                        version: "1.15.15",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:hashicorp:consul:*:*:*:*:community:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "consul",
                  vendor: "hashicorp",
                  versions: [
                     {
                        lessThan: "1.20.1",
                        status: "affected",
                        version: "1.9.0",
                        versionType: "semver",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-10006",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-31T13:49:58.696502Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-31T13:59:13.505Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2025-01-10T13:06:41.296Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "https://security.netapp.com/advisory/ntap-20250110-0005/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul",
               repo: "https://github.com/hashicorp/consul",
               vendor: "HashiCorp",
               versions: [
                  {
                     lessThan: "1.20.1",
                     status: "affected",
                     version: "1.9.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul Enterprise",
               repo: "https://github.com/hashicorp/consul",
               vendor: "HashiCorp",
               versions: [
                  {
                     changes: [
                        {
                           at: "1.19.3",
                           status: "unaffected",
                        },
                        {
                           at: "1.18.5",
                           status: "unaffected",
                        },
                        {
                           at: "1.15.15",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "1.20.1",
                     status: "affected",
                     version: "1.9.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "<p>A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.</p><br/>",
                  },
               ],
               value: "A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-220",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-220: Client-Server Protocol Manipulation",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 8.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-644",
                     description: "CWE-644: Improper Neutralization of HTTP Headers",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-30T21:20:37.011Z",
            orgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
            shortName: "HashiCorp",
         },
         references: [
            {
               url: "https://discuss.hashicorp.com/t/hcsec-2024-23-consul-l7-intentions-vulnerable-to-headers-bypass",
            },
         ],
         source: {
            advisory: "HCSEC-2024-23",
            discovery: "EXTERNAL",
         },
         title: "Consul L7 Intentions Vulnerable To Headers Bypass",
      },
   },
   cveMetadata: {
      assignerOrgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
      assignerShortName: "HashiCorp",
      cveId: "CVE-2024-10006",
      datePublished: "2024-10-30T21:20:37.011Z",
      dateReserved: "2024-10-15T17:46:48.500Z",
      dateUpdated: "2025-01-10T13:06:41.296Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-40716
Vulnerability from cvelistv5
Published
2022-09-23 00:00
Modified
2024-08-03 12:21
Summary
HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T12:21:46.762Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2022-20-consul-service-mesh-intention-bypass-with-malicious-certificate-signing-request/44628",
               },
               {
                  name: "FEDORA-2023-9f5f1ef40a",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/",
               },
               {
                  name: "FEDORA-2023-cf3551046d",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/",
               },
               {
                  name: "FEDORA-2023-b9c1d0e4c5",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2.\"",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-09-15T20:06:30.853852",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://discuss.hashicorp.com",
            },
            {
               url: "https://discuss.hashicorp.com/t/hcsec-2022-20-consul-service-mesh-intention-bypass-with-malicious-certificate-signing-request/44628",
            },
            {
               name: "FEDORA-2023-9f5f1ef40a",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/",
            },
            {
               name: "FEDORA-2023-cf3551046d",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/",
            },
            {
               name: "FEDORA-2023-b9c1d0e4c5",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2022-40716",
      datePublished: "2022-09-23T00:00:00",
      dateReserved: "2022-09-14T00:00:00",
      dateUpdated: "2024-08-03T12:21:46.762Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-10005
Vulnerability from cvelistv5
Published
2024-10-30 21:19
Modified
2025-01-10 13:06
Summary
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.
Impacted products


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:hashicorp:consul:-:*:*:*:enterprise:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "consul",
                  vendor: "hashicorp",
                  versions: [
                     {
                        lessThan: "1.20.1",
                        status: "affected",
                        version: "1.9.0",
                        versionType: "semver",
                     },
                     {
                        status: "unaffected",
                        version: "1.19.3",
                     },
                     {
                        status: "unaffected",
                        version: "1.18.5",
                     },
                     {
                        status: "unaffected",
                        version: "1.15.15",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:hashicorp:consul:*:*:*:*:community:*:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "consul",
                  vendor: "hashicorp",
                  versions: [
                     {
                        lessThan: "1.20.1",
                        status: "affected",
                        version: "1.9.0",
                        versionType: "semver",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-10005",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-31T13:59:37.966921Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-31T14:01:55.370Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2025-01-10T13:06:39.935Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "https://security.netapp.com/advisory/ntap-20250110-0004/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul",
               repo: "https://github.com/hashicorp/consul",
               vendor: "HashiCorp",
               versions: [
                  {
                     lessThan: "1.20.1",
                     status: "affected",
                     version: "1.9.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul Enterprise",
               repo: "https://github.com/hashicorp/consul",
               vendor: "HashiCorp",
               versions: [
                  {
                     changes: [
                        {
                           at: "1.19.3",
                           status: "unaffected",
                        },
                        {
                           at: "1.18.5",
                           status: "unaffected",
                        },
                        {
                           at: "1.15.15",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "1.20.1",
                     status: "affected",
                     version: "1.9.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "<p>A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.</p><br/>",
                  },
               ],
               value: "A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-126",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-126: Path Traversal",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-10-30T21:19:22.576Z",
            orgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
            shortName: "HashiCorp",
         },
         references: [
            {
               url: "https://discuss.hashicorp.com/t/hcsec-2024-22-consul-l7-intentions-vulnerable-to-url-path-bypass",
            },
         ],
         source: {
            advisory: "HCSEC-2024-22",
            discovery: "EXTERNAL",
         },
         title: "Consul L7 Intentions Vulnerable To URL Path Bypass",
      },
   },
   cveMetadata: {
      assignerOrgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
      assignerShortName: "HashiCorp",
      cveId: "CVE-2024-10005",
      datePublished: "2024-10-30T21:19:22.576Z",
      dateReserved: "2024-10-15T17:46:30.633Z",
      dateUpdated: "2025-01-10T13:06:39.935Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-25864
Vulnerability from cvelistv5
Published
2021-04-20 13:07
Modified
2024-08-04 15:49
Summary
HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T15:49:05.907Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.hashicorp.com/blog/category/consul",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2021-07-consul-api-kv-endpoint-vulnerable-to-cross-site-scripting/23368",
               },
               {
                  name: "GLSA-202208-09",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202208-09",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-10T05:08:16",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.hashicorp.com/blog/category/consul",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://discuss.hashicorp.com/t/hcsec-2021-07-consul-api-kv-endpoint-vulnerable-to-cross-site-scripting/23368",
            },
            {
               name: "GLSA-202208-09",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202208-09",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-25864",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.hashicorp.com/blog/category/consul",
                     refsource: "MISC",
                     url: "https://www.hashicorp.com/blog/category/consul",
                  },
                  {
                     name: "https://discuss.hashicorp.com/t/hcsec-2021-07-consul-api-kv-endpoint-vulnerable-to-cross-site-scripting/23368",
                     refsource: "MISC",
                     url: "https://discuss.hashicorp.com/t/hcsec-2021-07-consul-api-kv-endpoint-vulnerable-to-cross-site-scripting/23368",
                  },
                  {
                     name: "GLSA-202208-09",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202208-09",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-25864",
      datePublished: "2021-04-20T13:07:21",
      dateReserved: "2020-09-23T00:00:00",
      dateUpdated: "2024-08-04T15:49:05.907Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-32574
Vulnerability from cvelistv5
Published
2021-07-17 17:28
Modified
2024-08-03 23:25
Summary
HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T23:25:30.307Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.hashicorp.com/blog/category/consul",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2021-17-consul-s-envoy-tls-configuration-did-not-validate-destination-service-subject-alternative-names/26856",
               },
               {
                  name: "GLSA-202208-09",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202208-09",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-10T05:08:04",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.hashicorp.com/blog/category/consul",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://discuss.hashicorp.com/t/hcsec-2021-17-consul-s-envoy-tls-configuration-did-not-validate-destination-service-subject-alternative-names/26856",
            },
            {
               name: "GLSA-202208-09",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202208-09",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-32574",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.hashicorp.com/blog/category/consul",
                     refsource: "MISC",
                     url: "https://www.hashicorp.com/blog/category/consul",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
                  },
                  {
                     name: "https://discuss.hashicorp.com/t/hcsec-2021-17-consul-s-envoy-tls-configuration-did-not-validate-destination-service-subject-alternative-names/26856",
                     refsource: "CONFIRM",
                     url: "https://discuss.hashicorp.com/t/hcsec-2021-17-consul-s-envoy-tls-configuration-did-not-validate-destination-service-subject-alternative-names/26856",
                  },
                  {
                     name: "GLSA-202208-09",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202208-09",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-32574",
      datePublished: "2021-07-17T17:28:11",
      dateReserved: "2021-05-11T00:00:00",
      dateUpdated: "2024-08-03T23:25:30.307Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-41805
Vulnerability from cvelistv5
Published
2021-12-12 04:51
Modified
2024-08-04 03:22
Summary
HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has Incorrect Access Control. An ACL token (with the default operator:write permissions) in one namespace can be used for unintended privilege escalation in a different namespace.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T03:22:24.066Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.hashicorp.com/blog/category/consul",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2021-29-consul-enterprise-namespace-default-acls-allow-privilege-escalation/31871",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20211229-0007/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has Incorrect Access Control. An ACL token (with the default operator:write permissions) in one namespace can be used for unintended privilege escalation in a different namespace.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-12-29T20:06:38",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.hashicorp.com/blog/category/consul",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://discuss.hashicorp.com/t/hcsec-2021-29-consul-enterprise-namespace-default-acls-allow-privilege-escalation/31871",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20211229-0007/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-41805",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has Incorrect Access Control. An ACL token (with the default operator:write permissions) in one namespace can be used for unintended privilege escalation in a different namespace.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.hashicorp.com/blog/category/consul",
                     refsource: "MISC",
                     url: "https://www.hashicorp.com/blog/category/consul",
                  },
                  {
                     name: "https://discuss.hashicorp.com/t/hcsec-2021-29-consul-enterprise-namespace-default-acls-allow-privilege-escalation/31871",
                     refsource: "MISC",
                     url: "https://discuss.hashicorp.com/t/hcsec-2021-29-consul-enterprise-namespace-default-acls-allow-privilege-escalation/31871",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20211229-0007/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20211229-0007/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-41805",
      datePublished: "2021-12-12T04:51:21",
      dateReserved: "2021-09-29T00:00:00",
      dateUpdated: "2024-08-04T03:22:24.066Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-3920
Vulnerability from cvelistv5
Published
2022-11-15 23:25
Modified
2024-08-03 01:20
Summary
HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster peering's imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0.
Impacted products
Vendor Product Version
HashiCorp Consul Version: 1.13.0
Version: 1.13.1
Version: 1.13.2
Version: 1.13.3
   HashiCorp Consul Enterprise Version: 1.13.0
Version: 1.13.1
Version: 1.13.2
Version: 1.13.3


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T01:20:58.854Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2022-28-consul-cluster-peering-leaks-imported-nodes-services-information/46946",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul",
               repo: "https://github.com/hashicorp/consul",
               vendor: "HashiCorp",
               versions: [
                  {
                     status: "affected",
                     version: "1.13.0",
                  },
                  {
                     status: "affected",
                     version: "1.13.1",
                  },
                  {
                     status: "affected",
                     version: "1.13.2",
                  },
                  {
                     status: "affected",
                     version: "1.13.3",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               platforms: [
                  "64 bit",
                  "32 bit",
                  "x86",
                  "ARM",
                  "MacOS",
                  "Windows",
                  "Linux",
               ],
               product: "Consul Enterprise",
               vendor: "HashiCorp",
               versions: [
                  {
                     status: "affected",
                     version: "1.13.0",
                  },
                  {
                     status: "affected",
                     version: "1.13.1",
                  },
                  {
                     status: "affected",
                     version: "1.13.2",
                  },
                  {
                     status: "affected",
                     version: "1.13.3",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster peering's imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0.",
                  },
               ],
                value: "HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster peering's imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-1",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-862",
                     description: "CWE-862 Missing Authorization",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-11-15T23:25:30.161Z",
            orgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
            shortName: "HashiCorp",
         },
         references: [
            {
               url: "https://discuss.hashicorp.com/t/hcsec-2022-28-consul-cluster-peering-leaks-imported-nodes-services-information/46946",
            },
         ],
         source: {
            discovery: "INTERNAL",
         },
         title: "Consul Peering Imported Nodes/Services Leak",
      },
   },
   cveMetadata: {
      assignerOrgId: "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
      assignerShortName: "HashiCorp",
      cveId: "CVE-2022-3920",
      datePublished: "2022-11-15T23:25:30.161Z",
      dateReserved: "2022-11-09T23:10:38.071Z",
      dateUpdated: "2024-08-03T01:20:58.854Z",
      requesterUserId: "5311d85b-fc2e-473d-9ddd-71031e52448b",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-28156
Vulnerability from cvelistv5
Published
2021-04-20 15:02
Modified
2024-08-03 21:40
Summary
HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T21:40:12.222Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.hashicorp.com/blog/category/consul",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://discuss.hashicorp.com/t/hcsec-2021-08-consul-enterprise-audit-log-bypass-for-http-events/23369",
               },
               {
                  name: "GLSA-202208-09",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202208-09",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-10T05:09:19",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.hashicorp.com/blog/category/consul",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://discuss.hashicorp.com/t/hcsec-2021-08-consul-enterprise-audit-log-bypass-for-http-events/23369",
            },
            {
               name: "GLSA-202208-09",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202208-09",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-28156",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.hashicorp.com/blog/category/consul",
                     refsource: "MISC",
                     url: "https://www.hashicorp.com/blog/category/consul",
                  },
                  {
                     name: "https://discuss.hashicorp.com/t/hcsec-2021-08-consul-enterprise-audit-log-bypass-for-http-events/23369",
                     refsource: "MISC",
                     url: "https://discuss.hashicorp.com/t/hcsec-2021-08-consul-enterprise-audit-log-bypass-for-http-events/23369",
                  },
                  {
                     name: "GLSA-202208-09",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202208-09",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-28156",
      datePublished: "2021-04-20T15:02:58",
      dateReserved: "2021-03-11T00:00:00",
      dateUpdated: "2024-08-03T21:40:12.222Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-12758
Vulnerability from cvelistv5
Published
2020-06-11 19:23
Modified
2024-08-04 12:04
Severity ?
Summary
HashiCorp Consul and Consul Enterprise could crash when configured with an abnormally-formed service-router entry. Introduced in 1.6.0, fixed in 1.6.6 and 1.7.4.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T12:04:22.893Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/pull/7783",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2020-06-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise could crash when configured with an abnormally-formed service-router entry. Introduced in 1.6.0, fixed in 1.6.6 and 1.7.4.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-06-11T19:23:26",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/hashicorp/consul/pull/7783",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-12758",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul and Consul Enterprise could crash when configured with an abnormally-formed service-router entry. Introduced in 1.6.0, fixed in 1.6.6 and 1.7.4.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/pull/7783",
                     refsource: "CONFIRM",
                     url: "https://github.com/hashicorp/consul/pull/7783",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-12758",
      datePublished: "2020-06-11T19:23:26",
      dateReserved: "2020-05-09T00:00:00",
      dateUpdated: "2024-08-04T12:04:22.893Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-7219
Vulnerability from cvelistv5
Published
2020-01-31 12:39
Modified
2024-08-04 09:25
Severity ?
Summary
The HTTP/RPC services of HashiCorp Consul and Consul Enterprise up to 1.6.2 allowed unbounded resource usage and were susceptible to unauthenticated denial of service. Fixed in 1.6.3.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T09:25:48.324Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.hashicorp.com/blog/category/consul/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/issues/7159",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-01-31T12:39:17",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.hashicorp.com/blog/category/consul/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/hashicorp/consul/issues/7159",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-7219",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.hashicorp.com/blog/category/consul/",
                     refsource: "MISC",
                     url: "https://www.hashicorp.com/blog/category/consul/",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/issues/7159",
                     refsource: "MISC",
                     url: "https://github.com/hashicorp/consul/issues/7159",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-7219",
      datePublished: "2020-01-31T12:39:17",
      dateReserved: "2020-01-17T00:00:00",
      dateUpdated: "2024-08-04T09:25:48.324Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-7955
Vulnerability from cvelistv5
Published
2020-01-31 12:19
Modified
2024-08-04 09:48
Severity ?
Summary
HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T09:48:24.496Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.hashicorp.com/blog/category/consul/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/hashicorp/consul/issues/7160",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-01-31T12:19:40",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.hashicorp.com/blog/category/consul/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/hashicorp/consul/issues/7160",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-7955",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.hashicorp.com/blog/category/consul/",
                     refsource: "MISC",
                     url: "https://www.hashicorp.com/blog/category/consul/",
                  },
                  {
                     name: "https://github.com/hashicorp/consul/issues/7160",
                     refsource: "MISC",
                     url: "https://github.com/hashicorp/consul/issues/7160",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-7955",
      datePublished: "2020-01-31T12:19:40",
      dateReserved: "2020-01-24T00:00:00",
      dateUpdated: "2024-08-04T09:48:24.496Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2020-06-11 20:15
Modified
2024-11-21 05:00
Summary
HashiCorp Consul and Consul Enterprise did not appropriately enforce scope for local tokens issued by a primary data center, where replication to a secondary data center was not enabled. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B3E87E3-68E1-484A-8E77-62EF62B2C195",
                     versionEndExcluding: "1.6.6",
                     versionStartIncluding: "1.4.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "A0F6A4C8-AE8D-469D-9E76-7EFF3FD348E4",
                     versionEndExcluding: "1.6.6",
                     versionStartIncluding: "1.4.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C75147A9-FD13-4698-A736-1A351A96B221",
                     versionEndExcluding: "1.7.4",
                     versionStartIncluding: "1.7.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "804310A0-646B-4375-A7D7-002F65C3C4BC",
                     versionEndExcluding: "1.7.4",
                     versionStartIncluding: "1.7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise did not appropriately enforce scope for local tokens issued by a primary data center, where replication to a secondary data center was not enabled. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul y Consul Enterprise no aplicaron apropiadamente el alcance de los tokens locales emitidos por un centro de datos primario, donde la replicación a un centro de datos secundario no estaba habilitada. Introducido en la versión 1.4.0, corregido en las versiones 1.6.6 y 1.7.4",
      },
   ],
   id: "CVE-2020-13170",
   lastModified: "2024-11-21T05:00:47.927",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-06-11T20:15:11.337",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/pull/8068",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/pull/8068",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-12-04 07:15
Modified
2024-11-21 08:41
Summary
The patch in the third-party library Consul requires 'enable-script-checks' to be set to False; this setting was required for the vendor's patch to take effect. Without this setting the patch could be bypassed. This only affects GitLab-EE.
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "D2A9F08F-3E67-4BAF-98E5-C211E320BD55",
                     versionEndExcluding: "16.2.8",
                     versionStartIncluding: "9.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "CC5696C9-592A-4D50-B5BB-9A250DAB6589",
                     versionEndExcluding: "16.3.5",
                     versionStartIncluding: "16.3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:gitlab:gitlab:16.4.0:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "6696C987-61C1-462E-8A73-016F9902BC67",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "59CB68FA-DFE8-4C80-8FB4-A6E86FF4DE19",
                     versionEndExcluding: "0.9.4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "58A2918F-9880-4605-8DC2-090513DE6337",
                     versionEndExcluding: "1.0.8",
                     versionStartIncluding: "1.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "951274EA-0268-4AC9-9561-F47045BE21AE",
                     versionEndExcluding: "1.2.4",
                     versionStartIncluding: "1.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:1.1.0:*:*:*:-:*:*:*",
                     matchCriteriaId: "8D61FF58-9664-400A-9E78-B20132C5E5CF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Patch in third party library Consul requires 'enable-script-checks' to be set to False. This was required to enable a patch by the vendor. Without this setting the patch could be bypassed. This only affects GitLab-EE.",
      },
      {
         lang: "es",
         value: "El parche en la librería de terceros Consul requiere que 'enable-script-checks' esté configurado en False. Esto fue necesario para habilitar un parche por parte del proveedor. Sin esta configuración, se podría omitir el parche. Esto sólo afecta a GitLab-EE.",
      },
   ],
   id: "CVE-2023-5332",
   lastModified: "2024-11-21T08:41:33.020",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 0.7,
            impactScore: 5.2,
            source: "cve@gitlab.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.2,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-12-04T07:15:07.120",
   references: [
      {
         source: "cve@gitlab.com",
         tags: [
            "Exploit",
            "Issue Tracking",
         ],
         url: "https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8171",
      },
      {
         source: "cve@gitlab.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/protecting-consul-from-rce-risk-in-specific-configurations",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Issue Tracking",
         ],
         url: "https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8171",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/protecting-consul-from-rce-risk-in-specific-configurations",
      },
   ],
   sourceIdentifier: "cve@gitlab.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-09-23 12:15
Modified
2024-11-21 07:21
Summary
HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2.
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "999B2E09-9A91-47B2-8B0A-869D0CB416FB",
                     versionEndExcluding: "1.11.9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "CB50BB9A-3584-4099-A622-D77EDBB69B35",
                     versionEndExcluding: "1.11.9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "1D75922B-3EDE-4707-B0BC-B8533FB9FA2C",
                     versionEndExcluding: "1.12.5",
                     versionStartIncluding: "1.12.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "06BF88BF-38B3-4ED2-963F-76EBBAF3EF27",
                     versionEndExcluding: "1.12.5",
                     versionStartIncluding: "1.12.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "F1A1E466-3870-484B-84F2-AA903D146B19",
                     versionEndExcluding: "1.13.2",
                     versionStartIncluding: "1.13.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "C3526BD3-55DC-4563-8883-D3013160720C",
                     versionEndExcluding: "1.13.2",
                     versionStartIncluding: "1.13.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul y Consul Enterprise versiones hasta la 1.11.8, 1.12.4, y 1.13.1, no comprueban los valores múltiples de SAN URI en un CSR en el endpoint RPC interno, permitiendo un aprovechamiento del acceso privilegiado para omitir las intenciones de malla de servicio. Corregido en 1.11.9, 1.12.5 y 1.13.2.",
      },
   ],
   id: "CVE-2022-40716",
   lastModified: "2024-11-21T07:21:55.280",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-09-23T12:15:10.500",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2022-20-consul-service-mesh-intention-bypass-with-malicious-certificate-signing-request/44628",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2022-20-consul-service-mesh-intention-bypass-with-malicious-certificate-signing-request/44628",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-252",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-11-04 23:15
Modified
2024-11-21 05:17
Summary
HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5.
Impacted products
Vendor Product Version
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "F21A4BD8-484B-4573-8DA7-2DA21C6A5323",
                     versionEndIncluding: "1.8.4",
                     versionStartIncluding: "1.7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul Enterprise versiones 1.7.0 hasta 1.8.4, incluye un error de replicación de espacio de nombres que puede ser activado para causar una denegación de servicio por medio de escrituras Raft infinitas. Corregido en versiones 1.7.9 y 1.8.5",
      },
   ],
   id: "CVE-2020-25201",
   lastModified: "2024-11-21T05:17:37.997",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-11-04T23:15:11.923",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#185-october-23-2020",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#185-october-23-2020",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-03-26 14:29
Modified
2024-11-21 04:52
Summary
HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In other words, the product behaves as if verify_server_hostname were set to false, even when it is actually set to true. This is fixed in 1.4.4.
Impacted products
Vendor Product Version
hashicorp consul 1.4.3



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:1.4.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "974A6DF8-C1F5-4D13-8BA9-265B125C3F07",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In other words, the product behaves as if verify_server_hostname were set to false, even when it is actually set to true. This is fixed in 1.4.4.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul 1.4.3 carece de la verificación de nombres de host para las comunicaciones TLS de agente a agente. En otras palabras, el producto se comporta como si verify_server_hostname estuviese configurado como \"false\", aunque en realidad lo esté como \"true\". Esto se ha solucionado en la versión 1.4.4.",
      },
   ],
   id: "CVE-2019-9764",
   lastModified: "2024-11-21T04:52:16.080",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
               version: "3.0",
            },
            exploitabilityScore: 2.2,
            impactScore: 5.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-03-26T14:29:00.507",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/issues/5519",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/issues/5519",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-346",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-10-30 22:15
Modified
2025-01-10 13:15
Summary
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:community:*:*:*",
                     matchCriteriaId: "0D16200E-5F65-48AE-A0A5-FFADA05CA755",
                     versionEndExcluding: "1.20.1",
                     versionStartIncluding: "1.4.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "4F4529FE-6B11-4CB9-A8A2-A75D10470294",
                     versionEndExcluding: "1.15.15",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "36CDCEB8-8B22-4290-9071-81CE3F0F6B95",
                     versionEndExcluding: "1.18.5",
                     versionStartIncluding: "1.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "0AB043DB-FC48-4DE7-80BA-EC410ECD44F2",
                     versionEndExcluding: "1.19.3",
                     versionStartIncluding: "1.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:1.20.0:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "82C595D9-B7F7-487B-A2B4-B85A45DF471C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.",
      },
      {
         lang: "es",
         value: "Se identificó una vulnerabilidad en Consul y Consul Enterprise (“Consul”) tal que el uso de rutas URL en intenciones de tráfico L7 podría eludir las reglas de acceso basadas en rutas de solicitud HTTP.",
      },
   ],
   id: "CVE-2024-10005",
   lastModified: "2025-01-10T13:15:08.223",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 8.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.2,
            source: "security@hashicorp.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-10-30T22:15:02.820",
   references: [
      {
         source: "security@hashicorp.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2024-22-consul-l7-intentions-vulnerable-to-url-path-bypass",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://security.netapp.com/advisory/ntap-20250110-0004/",
      },
   ],
   sourceIdentifier: "security@hashicorp.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "security@hashicorp.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-06-11 20:15
Modified
2024-11-21 05:00
Summary
HashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to non-propagation to secondary data centers. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B3E87E3-68E1-484A-8E77-62EF62B2C195",
                     versionEndExcluding: "1.6.6",
                     versionStartIncluding: "1.4.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "0447C968-B944-43C4-92FA-05DC8BB6F580",
                     versionEndIncluding: "1.6.6",
                     versionStartIncluding: "1.4.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C75147A9-FD13-4698-A736-1A351A96B221",
                     versionEndExcluding: "1.7.4",
                     versionStartIncluding: "1.7.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "804310A0-646B-4375-A7D7-002F65C3C4BC",
                     versionEndExcluding: "1.7.4",
                     versionStartIncluding: "1.7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to non-propagation to secondary data centers. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul y Consul Enterprise, presentaron un fallo al aplicar cambios a las reglas de token de las ACL heredadas debido a la no propagación a centros de datos secundarios. Introducido en la versión 1.4.0, corregido en las versiones 1.6.6 y 1.7.4",
      },
   ],
   id: "CVE-2020-12797",
   lastModified: "2024-11-21T05:00:18.547",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-06-11T20:15:11.210",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/pull/8047",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/pull/8047",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-11-23 14:15
Modified
2024-11-21 05:22
Summary
HashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed operators with operator:read ACL permissions to read the Connect CA private key configuration. Fixed in 1.6.10, 1.7.10, and 1.8.6.
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "BE7453B5-137B-417F-A899-ED32E3DB2EE3",
                     versionEndExcluding: "1.6.10",
                     versionStartIncluding: "1.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "E1875B29-C61E-4D9C-808D-ADBFF6A33454",
                     versionEndExcluding: "1.6.10",
                     versionStartIncluding: "1.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "B01C7128-EAE5-402B-9BFA-33065E96433E",
                     versionEndExcluding: "1.7.10",
                     versionStartIncluding: "1.7.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "BB45A597-7C0A-459E-96CC-EA7CD0B1C2C5",
                     versionEndExcluding: "1.7.10",
                     versionStartIncluding: "1.7.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "5940D8A9-9791-4EE8-9F4B-D93564753D78",
                     versionEndExcluding: "1.8.6",
                     versionStartIncluding: "1.8.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "0EEAB2A3-86CE-461A-8E50-DEFC883DF179",
                     versionEndExcluding: "1.8.6",
                     versionStartIncluding: "1.8.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed operators with operator:read ACL permissions to read the Connect CA private key configuration. Fixed in 1.6.10, 1.7.10, and 1.8.6.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul y Consul Enterprise versiones 1.2.0 hasta 1.8.5, permitieron a operadores con permisos ACL operator:read leer la configuración de la clave privada de la CA de Connect. Corregido en versiones 1.6.10, 1.7.10 y 1.8.6",
      },
   ],
   id: "CVE-2020-28053",
   lastModified: "2024-11-21T05:22:17.453",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 4,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-11-23T14:15:12.377",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#186-november-19-2020",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Product",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#186-november-19-2020",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-863",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-01-31 13:15
Modified
2024-11-21 05:36
Summary
HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "860E97FE-158E-4C5E-9FBE-6AD01C64EAC5",
                     versionEndExcluding: "1.6.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "4DADE12B-5A16-41DA-931B-E2E6B7E6C43C",
                     versionEndExcluding: "1.6.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul y Consul Enterprise versiones hasta 1.6.2. Los servicios HTTP/RPC permitieron un uso de recursos ilimitado y fueron susceptibles a una denegación de servicio no autenticada. Corregido en versión 1.6.3.",
      },
   ],
   id: "CVE-2020-7219",
   lastModified: "2024-11-21T05:36:51.380",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-01-31T13:15:10.627",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/issues/7159",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/issues/7159",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-770",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-06-06 17:29
Modified
2024-11-21 04:22
Summary
HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Keys not matching a specific ACL rule used for prefix matching in a policy can be deleted by a token using that policy even with default deny settings configured.
References
cve@mitre.orghttps://github.com/hashicorp/consul/issues/5888Issue Tracking, Mitigation, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/hashicorp/consul/issues/5888Issue Tracking, Mitigation, Patch, Third Party Advisory
Impacted products
Vendor Product Version
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD705B1C-6F80-4BF8-BEE0-F785FA04EF53",
                     versionEndIncluding: "1.5.0",
                     versionStartIncluding: "1.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Keys not matching a specific ACL rule used for prefix matching in a policy can be deleted by a token using that policy even with default deny settings configured.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul versiones 1.4.0 hasta 1.5.0 presenta un control de acceso incorrecto. Las claves que no coinciden con una regla de ACL específica utilizada para la coincidencia de prefijos en una política se pueden eliminar con un token que usa esa política incluso con la configuración predeterminada de denegación configurada.",
      },
   ],
   id: "CVE-2019-12291",
   lastModified: "2024-11-21T04:22:34.077",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.4,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-06-06T17:29:00.353",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Mitigation",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/issues/5888",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Mitigation",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/issues/5888",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-06-11 20:15
Modified
2024-11-21 05:00
Summary
HashiCorp Consul and Consul Enterprise could crash when configured with an abnormally-formed service-router entry. Introduced in 1.6.0, fixed in 1.6.6 and 1.7.4.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AFCF4BDA-C092-4C15-87CF-1B65F5A675ED",
                     versionEndExcluding: "1.6.6",
                     versionStartIncluding: "1.6.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "9C491092-7E6B-43B6-ADEE-114FDFF193E5",
                     versionEndExcluding: "1.6.6",
                     versionStartIncluding: "1.6.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C75147A9-FD13-4698-A736-1A351A96B221",
                     versionEndExcluding: "1.7.4",
                     versionStartIncluding: "1.7.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "804310A0-646B-4375-A7D7-002F65C3C4BC",
                     versionEndExcluding: "1.7.4",
                     versionStartIncluding: "1.7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise could crash when configured with an abnormally-formed service-router entry. Introduced in 1.6.0, fixed in 1.6.6 and 1.7.4.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul y Consul Enterprise, podrían bloquearse cuando son configurados con una entrada del enrutador de servicio anormalmente formada. Introducido en la versión 1.6.0, corregido en las versiones 1.6.6 y 1.7.4",
      },
   ],
   id: "CVE-2020-12758",
   lastModified: "2024-11-21T05:00:13.357",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-06-11T20:15:11.100",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/pull/7783",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/pull/7783",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-404",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-09-23 01:15
Modified
2024-11-21 06:26
Summary
HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *
hashicorp consul 1.12.4
hashicorp consul 1.12.4
hashicorp consul 1.13.1
hashicorp consul 1.13.1



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "5383A26F-D49C-435F-A81D-15A1A7A74215",
                     versionEndExcluding: "1.11.9",
                     versionStartIncluding: "1.8.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "E72F2F36-94E2-40D8-AC42-805F3EB54922",
                     versionEndExcluding: "1.11.9",
                     versionStartIncluding: "1.8.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:1.12.4:*:*:*:-:*:*:*",
                     matchCriteriaId: "4A8E6F38-D34C-4EAE-98C6-6C65ACF35BEA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:1.12.4:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "6A7455E7-398A-42A5-946A-2497B88394F2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:1.13.1:*:*:*:-:*:*:*",
                     matchCriteriaId: "80BC2226-63EB-41E2-BEB4-4B3A84393E48",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:1.13.1:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "5A31B819-4F49-42A3-9685-CE34440A4850",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul versiones 1.8.1 hasta 1.11.8, 1.12.4 y 1.13.1, no comprueban apropiadamente los nombres de nodos o segmentos antes de la interpolación y el uso en las aserciones de reclamación JWT con el RPC de configuración automática. Corregido en versiones 1.11.9, 1.12.5 y 1.13.2.",
      },
   ],
   id: "CVE-2021-41803",
   lastModified: "2024-11-21T06:26:47.613",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "LOW",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 4.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-09-23T01:15:08.623",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2022-19-consul-auto-config-jwt-authorization-missing-input-validation/44627",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2022-19-consul-auto-config-jwt-authorization-missing-input-validation/44627",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-06-02 23:15
Modified
2024-11-21 07:59
Summary
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "9D592391-F006-4F99-BF39-DAA3D2B86305",
                     versionEndExcluding: "1.15.3",
                     versionStartIncluding: "1.15.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "12E16E32-03E5-44B6-BAB5-8809E6E852F4",
                     versionEndExcluding: "1.15.3",
                     versionStartIncluding: "1.15.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies.",
      },
   ],
   id: "CVE-2023-2816",
   lastModified: "2024-11-21T07:59:20.730",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 8.7,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.3,
            impactScore: 5.8,
            source: "security@hashicorp.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-06-02T23:15:09.503",
   references: [
      {
         source: "security@hashicorp.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2023-16-consul-envoy-extension-downstream-proxy-configuration-by-upstream-service-owner/54525",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2023-16-consul-envoy-extension-downstream-proxy-configuration-by-upstream-service-owner/54525",
      },
   ],
   sourceIdentifier: "security@hashicorp.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-266",
            },
         ],
         source: "security@hashicorp.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2018-12-09 19:29
Modified
2024-11-21 03:58
Summary
HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the verify_outgoing setting is improperly documented. NOTE: the vendor has provided reconfiguration steps that do not require a software upgrade.
Impacted products
Vendor Product Version
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FDC26AF2-3C2E-41D7-94FA-336C9B722674",
                     versionEndIncluding: "1.4.0",
                     versionStartIncluding: "0.5.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the verify_outgoing setting is improperly documented. NOTE: the vendor has provided reconfiguration steps that do not require a software upgrade.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul, de la versión 0.5.1 a la 1.4.0, puede emplear comunicaciones RPC de agente a agente en texto claro debido a que la opción verify_outgoing está mal documentada. NOTA: el fabricante ha proporcionado instrucciones de reconfiguración que no requieren actualizar el software.",
      },
   ],
   id: "CVE-2018-19653",
   lastModified: "2024-11-21T03:58:21.630",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.0",
            },
            exploitabilityScore: 2.2,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2018-12-09T19:29:00.250",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/pull/5069",
      },
      {
         source: "cve@mitre.org",
         url: "https://groups.google.com/forum/#%21topic/consul-tool/7TCw06oio0I",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/pull/5069",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://groups.google.com/forum/#%21topic/consul-tool/7TCw06oio0I",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-310",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-09-07 12:15
Modified
2024-11-21 06:14
Summary
HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "3CFEFC70-871E-4DC3-B23E-E7AFBE7106C1",
                     versionEndExcluding: "1.8.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "D8536B85-06DD-4498-BFB5-C729CF5346C6",
                     versionEndExcluding: "1.8.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "EA1C73D1-3A32-488A-B5EC-7BDFA7DBD417",
                     versionEndExcluding: "1.9.9",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "4EA73576-AADE-4142-8617-937F9E5A32F8",
                     versionEndExcluding: "1.9.9",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "19BE17DA-3808-42DD-817A-B43CE7619281",
                     versionEndExcluding: "1.10.2",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "AE470E84-7E0A-4EFC-91CF-A297C1C3D4FC",
                     versionEndExcluding: "1.10.2",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.",
      },
      {
         lang: "es",
         value: "La capa RPC de HashiCorp Consul y Consul Enterprise Raft versión 1.10.1 , permite a agentes que no son servidores con un certificado válido firmado por la misma CA acceder a la funcionalidad server-only, permitiendo una escalada de privilegios. Corregido en 1.8.15, 1.9.9 y 1.10.2",
      },
   ],
   id: "CVE-2021-37219",
   lastModified: "2024-11-21T06:14:53.253",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-09-07T12:15:07.727",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-22-consul-raft-rpc-privilege-escalation/29024",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202207-01",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Product",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-22-consul-raft-rpc-privilege-escalation/29024",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202207-01",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-295",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-03-05 23:29
Modified
2024-11-21 04:49
Summary
HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters, because a token with literally "<hidden>" as its secret is used in unusual circumstances.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:community:*:*:*",
                     matchCriteriaId: "8CF1EE2B-246C-4827-9B89-13C10E4F0424",
                     versionEndExcluding: "1.4.3",
                     versionStartIncluding: "1.4.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "BD7A87ED-D5F1-473F-9F20-AD8F8FF9A6DA",
                     versionEndExcluding: "1.4.3",
                     versionStartIncluding: "1.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters, because a token with literally \"<hidden>\" as its secret is used in unusual circumstances.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul (y Consul Enterprise), en versiones 1.4.x anteriores a la 1.4.3, permite que un cliente omita las restricciones de acceso planeadas y obtenga los privilegios de otro token arbitrario con centros de datos secundarios. Esto se debe a que un token con \"<hidden>\" como su secreto se emplea en circunstancias inusuales.",
      },
   ],
   id: "CVE-2019-8336",
   lastModified: "2024-11-21T04:49:42.540",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.2,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-03-05T23:29:02.863",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mitigation",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/issues/5423",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mitigation",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/issues/5423",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-01-31 13:15
Modified
2024-11-21 05:38
Summary
HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0F3B04-5FA5-48EB-BA4A-E698F6790499",
                     versionEndExcluding: "1.6.2",
                     versionStartIncluding: "1.4.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "7B3761DD-087D-4CD0-AC7F-4ACEEFF9F504",
                     versionEndExcluding: "1.6.2",
                     versionStartIncluding: "1.4.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul and Consul Enterprise versiones 1.4.1 hasta 1.6.2, no aplicaron uniformemente la ACL a través de todos los endpoints de la API, resultando en una potencial divulgación de información involuntaria. Corregido en versión 1.6.3.",
      },
   ],
   id: "CVE-2020-7955",
   lastModified: "2024-11-21T05:38:05.090",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-01-31T13:15:10.813",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/issues/7160",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/issues/7160",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-863",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-02-24 16:15
Modified
2024-11-21 06:50
Summary
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at least one Ingress Gateway allow a user with service:write to register a specifically-defined service that can cause Consul servers to panic. Fixed in 1.9.15, 1.10.8, and 1.11.3.
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "D4D6A2AC-7FD8-4E4F-929D-57198EBC18F2",
                     versionEndExcluding: "1.9.15",
                     versionStartIncluding: "1.8.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "4E08BC21-7949-4EEF-A3E1-EDADFA4BC72F",
                     versionEndExcluding: "1.9.15",
                     versionStartIncluding: "1.8.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "8AF8D77E-6496-4984-8425-C7FB2751F1AE",
                     versionEndExcluding: "1.10.8",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "8D20E43C-56C3-438C-AAED-93E9AB880992",
                     versionEndExcluding: "1.10.8",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "E1A90E5D-90AD-4563-8437-44719D03AF19",
                     versionEndExcluding: "1.11.3",
                     versionStartIncluding: "1.11.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "5660553D-331A-4C8D-B2CF-868D08DD5851",
                     versionEndExcluding: "1.11.3",
                     versionStartIncluding: "1.11.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at least one Ingress Gateway allow a user with service:write to register a specifically-defined service that can cause Consul servers to panic. Fixed in 1.9.15, 1.10.8, and 1.11.3.",
      },
      {
         lang: "es",
         value: "Los clusters de HashiCorp Consul y Consul Enterprise versiones 1.9.0 a 1.9.14, 1.10.7 y 1.11.2 con al menos un Ingress Gateway permiten que un usuario con service:write registre un servicio específicamente definido que puede hacer que los servidores de Consul entren en pánico. Corregido en las versiones 1.9.15, 1.10.8 y 1.11.3",
      },
   ],
   id: "CVE-2022-24687",
   lastModified: "2024-11-21T06:50:52.703",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "PARTIAL",
               baseScore: 3.5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:S/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 6.8,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-02-24T16:15:08.197",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2022-05-consul-ingress-gateway-panic-can-shutdown-servers/",
      },
      {
         source: "cve@mitre.org",
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20220331-0006/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2022-05-consul-ingress-gateway-panic-can-shutdown-servers/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20220331-0006/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-04-19 16:17
Modified
2024-11-21 06:58
Summary
HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5.
References
cve@mitre.org | https://discuss.hashicorp.com | Vendor Advisory
cve@mitre.org | https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/ | Vendor Advisory
cve@mitre.org | https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/38393 | Vendor Advisory
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBODKZL7HQE5XXS3SA2VIDVL4LAA5RWH/ | Mailing List, Third Party Advisory
cve@mitre.org | https://security.gentoo.org/glsa/202208-09 | Third Party Advisory
cve@mitre.org | https://security.netapp.com/advisory/ntap-20220602-0005/ | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://discuss.hashicorp.com | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/ | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/38393 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBODKZL7HQE5XXS3SA2VIDVL4LAA5RWH/ | Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202208-09 | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20220602-0005/ | Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "89112C2E-3AE8-45E3-8633-17F0174B47A3",
                     versionEndExcluding: "1.9.17",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "339A22E7-15BE-48B6-B10C-6D729F934B79",
                     versionEndExcluding: "1.9.17",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "6EE5C7A3-A386-4B92-A943-A308729F73FF",
                     versionEndExcluding: "1.10.10",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "D06A5FE9-9D57-4AB4-A681-29C8EC004AE9",
                     versionEndExcluding: "1.10.10",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "2C1E08E3-FBA8-4515-9B62-E3808C5B61E9",
                     versionEndExcluding: "1.11.5",
                     versionStartIncluding: "1.11.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "D731C85E-0913-4392-944F-85BCBD9EFF39",
                     versionEndExcluding: "1.11.5",
                     versionStartIncluding: "1.11.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                     matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul y Consul Enterprise hasta 1.9.16, 1.10.9, y 1.11.4 pueden permitir la falsificación de peticiones del lado del servidor cuando el agente cliente de Consul sigue las redirecciones devueltas por los puntos finales de comprobación de salud HTTP. Corregido en 1.9.17, 1.10.10 y 1.11.5",
      },
   ],
   id: "CVE-2022-29153",
   lastModified: "2024-11-21T06:58:35.740",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-04-19T16:17:10.493",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/38393",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBODKZL7HQE5XXS3SA2VIDVL4LAA5RWH/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20220602-0005/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/38393",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBODKZL7HQE5XXS3SA2VIDVL4LAA5RWH/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20220602-0005/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-918",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-09 16:15
Modified
2024-11-21 08:17
Summary
HashiCorp Consul and Consul Enterprise 1.16.0 (the NVD configuration below also lists the 1.16.0 rc1 build) incorrectly allow or deny access when JWT Auth is used for the service mesh, regardless of the caller's service identity; the vendor advisory (HCSEC-2023-25) describes this as JWT auth in L7 intentions permitting a mismatch between service identity and JWT provider. Fixed in 1.16.1. Note the scoring divergence: HashiCorp rates it 7.4 (PR:L, scope changed, CWE-266) while NVD rates it 7.3 (PR:N, scope unchanged) — for planning, assume an unauthenticated network attacker is in scope.
Impacted products
Vendor Product Version
hashicorp consul 1.16.0
hashicorp consul 1.16.0
hashicorp consul 1.16.0



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:1.16.0:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "E1B6503F-75E6-4109-BFEC-375DB0723F41",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:1.16.0:-:*:*:-:*:*:*",
                     matchCriteriaId: "7537214A-BF79-4A94-9E6C-ED1D0018895F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:1.16.0:rc1:*:*:-:*:*:*",
                     matchCriteriaId: "91FBFA37-6884-49FD-B11B-287E8D822B7A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1.",
      },
      {
         lang: "es",
         value: "Consul y Consul Enterprise 1.16.0 de HashiCorp al utilizar JWT Auth para la malla de servicios permite/deniega incorrectamente el acceso independientemente de las identidades de servicio. Corregido en 1.16.1.",
      },
   ],
   id: "CVE-2023-3518",
   lastModified: "2024-11-21T08:17:26.437",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 7.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.1,
            impactScore: 3.7,
            source: "security@hashicorp.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 7.3,
               baseSeverity: "HIGH",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-09T16:15:09.957",
   references: [
      {
         source: "security@hashicorp.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2023-25-consul-jwt-auth-in-l7-intentions-allow-for-mismatched-service-identity-and-jwt-providers/57004",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2023-25-consul-jwt-auth-in-l7-intentions-allow-for-mismatched-service-identity-and-jwt-providers/57004",
      },
   ],
   sourceIdentifier: "security@hashicorp.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-266",
            },
         ],
         source: "security@hashicorp.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-04-20 16:15
Modified
2024-11-21 05:59
Summary
HashiCorp Consul Enterprise versions 1.8.0 through 1.9.4 (per the NVD configuration: 1.8.0–1.8.9 and 1.9.0–1.9.4; only Enterprise CPEs are listed) allow the audit log to be bypassed by specifically crafted HTTP events, so HTTP API activity can occur without a corresponding audit record. Fixed in 1.9.5 and 1.8.10. NVD rates this 7.5 (network, unauthenticated, integrity high) with no specific CWE; from a detection and forensics standpoint, audit logs produced by affected versions cannot be assumed complete.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "4715B752-329E-4318-8023-BCC0C731AD66",
                     versionEndExcluding: "1.8.10",
                     versionStartIncluding: "1.8.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "51B56481-1DCE-4301-A1AD-FDF7A111431A",
                     versionEndExcluding: "1.9.5",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10.",
      },
      {
         lang: "es",
         value: "El registro de auditoría de HashiCorp Consul Enterprise versión 1.8.0 hasta 1.9.4 puede ser omitido por eventos HTTP específicamente diseñados. Corregido en versiones 1.9.5 y 1.8.10",
      },
   ],
   id: "CVE-2021-28156",
   lastModified: "2024-11-21T05:59:12.283",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-04-20T16:15:10.407",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-08-consul-enterprise-audit-log-bypass-for-http-events/23369",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-08-consul-enterprise-audit-log-bypass-for-http-events/23369",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-04-20 16:15
Modified
2024-11-21 05:18
Summary
HashiCorp Consul and Consul Enterprise up to version 1.9.4 (the Impacted products table above is empty, but the NVD configuration lists all releases before 1.7.14, 1.8.0–1.8.9 and 1.9.0–1.9.4, in both editions) are vulnerable to cross-site scripting via the key-value (KV) HTTP API endpoint's raw mode (vendor advisory HCSEC-2021-07). Fixed in 1.9.5, 1.8.10 and 1.7.14. NVD scores it 6.1 (CWE-79; user interaction required, scope changed), i.e. exploitation needs a victim's browser to render the affected response, so exposure is highest where the Consul HTTP API is reachable from user browsers.
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "8B0BFFE7-F4AE-410E-8913-85A7C7F396FB",
                     versionEndExcluding: "1.7.14",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "937E42C5-04E4-4674-9E72-6D75C7C8A573",
                     versionEndExcluding: "1.7.14",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "26751538-659E-42C3-9ED4-0A4E03D68750",
                     versionEndExcluding: "1.8.10",
                     versionStartIncluding: "1.8.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "4715B752-329E-4318-8023-BCC0C731AD66",
                     versionEndExcluding: "1.8.10",
                     versionStartIncluding: "1.8.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "A239544A-DC16-4AA6-B021-451894B675CD",
                     versionEndExcluding: "1.9.5",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "51B56481-1DCE-4301-A1AD-FDF7A111431A",
                     versionEndExcluding: "1.9.5",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.",
      },
      {
         lang: "es",
         value: "El modo sin procesar de HashiCorp Consul y Consul Enterprise hasta versión 1.9.4, key-value (KV) era vulnerable a un ataque de tipo cross-site scripting. Corregido en versiones 1.9.5, 1.8.10 y 1.7.14",
      },
   ],
   id: "CVE-2020-25864",
   lastModified: "2024-11-21T05:18:56.030",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-04-20T16:15:10.193",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-07-consul-api-kv-endpoint-vulnerable-to-cross-site-scripting/23368",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Product",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-07-consul-api-kv-endpoint-vulnerable-to-cross-site-scripting/23368",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-03-09 16:15
Modified
2024-11-21 07:37
Summary
Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash (a nil-pointer panic, CWE-476) under certain circumstances; the vendor advisory (HCSEC-2023-06) describes the condition as ingress and API gateways configured with peering connections. This vulnerability was fixed in Consul 1.14.5. Two data caveats: the NVD configuration lists only the community edition (all versions before 1.14.5) even though the summary names Enterprise, and HashiCorp scores the required privilege as High (4.9) while NVD scores it Low (6.5) — a token carrying service:write is the stated prerequisite in either case.
Impacted products
Vendor Product Version
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "D8C3D37E-19AF-4262-8BF8-D5C6CB0F7F64",
                     versionEndExcluding: "1.14.5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5.",
      },
      {
         lang: "es",
         value: "Consul y Consul Enterprise permitieron que un usuario autenticado con servicio:permisos de escritura desencadenara un flujo de trabajo que provoca que el servidor de Consul y los agentes del cliente colapsen en determinadas circunstancias. Esta vulnerabilidad se solucionó en Consul 1.14.5.",
      },
   ],
   id: "CVE-2023-0845",
   lastModified: "2024-11-21T07:37:56.660",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 4.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 3.6,
            source: "security@hashicorp.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-03-09T16:15:09.657",
   references: [
      {
         source: "security@hashicorp.com",
         tags: [
            "Issue Tracking",
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2023-06-consul-server-panic-when-ingress-and-api-gateways-configured-with-peering-connections/51197",
      },
      {
         source: "security@hashicorp.com",
         url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/",
      },
      {
         source: "security@hashicorp.com",
         url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/",
      },
      {
         source: "security@hashicorp.com",
         url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2023-06-consul-server-panic-when-ingress-and-api-gateways-configured-with-peering-connections/51197",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/",
      },
   ],
   sourceIdentifier: "security@hashicorp.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "security@hashicorp.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-10-30 22:15
Modified
2025-01-10 13:15
Summary
A vulnerability was identified in Consul and Consul Enterprise ("Consul") such that header matching in L7 traffic intentions could be bypassed, letting requests get past HTTP-header-based access rules (vendor advisory HCSEC-2024-23). The summary states no fixed version; per the NVD configuration, community 1.4.1 through 1.20.0 is affected (fixed in 1.20.1), and Enterprise 1.9.0–1.15.14, 1.18.0–1.18.4, 1.19.0–1.19.2 and 1.20.0 are affected (fixes in 1.15.15, 1.18.5 and 1.19.3; no fixed 1.20.x Enterprise release is listed). Scores diverge: HashiCorp 8.3 (CWE-644, C/I/A low, scope changed) versus NVD 5.8 (CWE-116, integrity only). Until upgraded, header-based intention rules should not be relied on as an authorization control.
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:community:*:*:*",
                     matchCriteriaId: "0D16200E-5F65-48AE-A0A5-FFADA05CA755",
                     versionEndExcluding: "1.20.1",
                     versionStartIncluding: "1.4.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "4F4529FE-6B11-4CB9-A8A2-A75D10470294",
                     versionEndExcluding: "1.15.15",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "36CDCEB8-8B22-4290-9071-81CE3F0F6B95",
                     versionEndExcluding: "1.18.5",
                     versionStartIncluding: "1.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "0AB043DB-FC48-4DE7-80BA-EC410ECD44F2",
                     versionEndExcluding: "1.19.3",
                     versionStartIncluding: "1.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:1.20.0:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "82C595D9-B7F7-487B-A2B4-B85A45DF471C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.",
      },
      {
         lang: "es",
         value: "Se identificó una vulnerabilidad en Consul y Consul Enterprise (“Consul”) tal que el uso de encabezados en intenciones de tráfico L7 podría eludir las reglas de acceso basadas en encabezados HTTP.",
      },
   ],
   id: "CVE-2024-10006",
   lastModified: "2025-01-10T13:15:08.440",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 8.3,
               baseSeverity: "HIGH",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.7,
            source: "security@hashicorp.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-10-30T22:15:03.063",
   references: [
      {
         source: "security@hashicorp.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2024-23-consul-l7-intentions-vulnerable-to-headers-bypass",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://security.netapp.com/advisory/ntap-20250110-0005/",
      },
   ],
   sourceIdentifier: "security@hashicorp.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-644",
            },
         ],
         source: "security@hashicorp.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-116",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-06-11 20:15
Modified
2024-11-21 05:00
Summary
HashiCorp Consul and Consul Enterprise's agent caching feature — used by the HTTP API (caching introduced in 1.2.0) and DNS (introduced in 1.4.3) — was vulnerable to denial of service through unbounded resource consumption (CWE-770). Affected per the NVD configuration: 1.2.0–1.6.5 and 1.7.0–1.7.3, in both editions. Fixed in 1.6.6 and 1.7.4 (see hashicorp/consul pull request 8023 and the linked changelogs). NVD rates it 7.5 — network-reachable, unauthenticated, availability impact high — so, based on the vector, any client that can reach an agent's HTTP or DNS listener should be considered in scope.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "52402E76-79F8-41E1-B98F-9B4CB0D0A5A2",
                     versionEndExcluding: "1.6.6",
                     versionStartIncluding: "1.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "21DD243B-A1C0-43F8-BCED-A6DE3C05BD44",
                     versionEndExcluding: "1.6.6",
                     versionStartIncluding: "1.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C75147A9-FD13-4698-A736-1A351A96B221",
                     versionEndExcluding: "1.7.4",
                     versionStartIncluding: "1.7.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "804310A0-646B-4375-A7D7-002F65C3C4BC",
                     versionEndExcluding: "1.7.4",
                     versionStartIncluding: "1.7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service. Fixed in 1.6.6 and 1.7.4.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul y Consul Enterprise, incluyen una funcionalidad de caché de HTTP API (introducida en la versión 1.2.0) y DNS (introducida en la versión 1.4.3), que era vulnerable a una denegación de servicio. Corregido en las versiones 1.6.6 y 1.7.4",
      },
   ],
   id: "CVE-2020-13250",
   lastModified: "2024-11-21T05:00:52.783",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-06-11T20:15:11.477",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/pull/8023",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/pull/8023",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-770",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-07-17 18:15
Modified
2024-11-21 06:07
Summary
HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1.
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "1CE7C620-26CF-448F-B050-39FFA83C7D55",
                     versionEndExcluding: "1.8.14",
                     versionStartIncluding: "1.3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "58878867-A000-4FD7-8E80-0D914A056CA9",
                     versionEndExcluding: "1.8.14",
                     versionStartIncluding: "1.3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "45B0891D-896C-46AA-AD6C-787318B837E3",
                     versionEndExcluding: "1.9.8",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "8F815B6E-D557-4A70-9928-E75EB12C880E",
                     versionEndExcluding: "1.9.8",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "AFBB4342-D380-496A-B38E-7446BEE108D9",
                     versionEndExcluding: "1.10.1",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "3A7B9301-1B89-4C79-8E6C-4FD747822096",
                     versionEndExcluding: "1.10.1",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul y Consul Enterprise versión 1.3.0 hasta la versión 1.10.0: la configuración del proxy TLS de Envoy no valida la identidad del servicio de destino en el nombre alternativo del sujeto (subject alternative name) codificado. Corregido en las versiones 1.8.14, 1.9.8 y 1.10.1.",
      },
   ],
   id: "CVE-2021-32574",
   lastModified: "2024-11-21T06:07:18.077",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-07-17T18:15:07.723",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-17-consul-s-envoy-tls-configuration-did-not-validate-destination-service-subject-alternative-names/26856",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-17-consul-s-envoy-tls-configuration-did-not-validate-destination-service-subject-alternative-names/26856",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-295",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-12-12 05:15
Modified
2024-11-21 06:26
Summary
HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has Incorrect Access Control. An ACL token (with the default operator:write permissions) in one namespace can be used for unintended privilege escalation in a different namespace.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "BCAF9DFA-5180-4697-89FB-9357857F91A3",
                     versionEndExcluding: "1.8.17",
                     versionStartIncluding: "1.7.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "3DDA4C31-D873-40DF-B349-C3E0CC5B94B8",
                     versionEndExcluding: "1.9.11",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "C4234B37-7067-4213-BDA4-190DC9C2D9F2",
                     versionEndExcluding: "1.10.4",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has Incorrect Access Control. An ACL token (with the default operator:write permissions) in one namespace can be used for unintended privilege escalation in a different namespace.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul Enterprise versiones anteriores a 1.8.17, 1.9.x anteriores a 1.9.11 y 1.10.x anteriores a 1.10.4, presenta un Control de Acceso Incorrecto. Un token ACL (con los permisos predeterminados operator:write) en un espacio de nombres puede ser usado para una escalada de privilegios no intencionada en un espacio de nombres diferente.",
      },
   ],
   id: "CVE-2021-41805",
   lastModified: "2024-11-21T06:26:47.790",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-12T05:15:07.917",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-29-consul-enterprise-namespace-default-acls-allow-privilege-escalation/31871",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20211229-0007/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Product",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-29-consul-enterprise-namespace-default-acls-allow-privilege-escalation/31871",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20211229-0007/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-863",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-10-30 22:15
Modified
2025-01-10 13:15
Summary
A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "F9B18D72-3819-4927-AF49-239668B4719D",
                     versionEndExcluding: "1.15.15",
                     versionStartIncluding: "1.4.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:community:*:*:*",
                     matchCriteriaId: "6471636F-7182-4F2D-B80E-25D46AE453F2",
                     versionEndExcluding: "1.20.0",
                     versionStartIncluding: "1.4.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "36CDCEB8-8B22-4290-9071-81CE3F0F6B95",
                     versionEndExcluding: "1.18.5",
                     versionStartIncluding: "1.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "0AB043DB-FC48-4DE7-80BA-EC410ECD44F2",
                     versionEndExcluding: "1.19.3",
                     versionStartIncluding: "1.19.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.",
      },
      {
         lang: "es",
         value: "Se identificó una vulnerabilidad en Consul y Consul Enterprise tal que la respuesta del servidor no establecía explícitamente un encabezado HTTP Content-Type, lo que permitía que las entradas proporcionadas por el usuario se malinterpretaran y generaran un XSS reflejado.",
      },
   ],
   id: "CVE-2024-10086",
   lastModified: "2025-01-10T13:15:08.623",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.7,
            source: "security@hashicorp.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-10-30T22:15:03.283",
   references: [
      {
         source: "security@hashicorp.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2024-24-consul-vulnerable-to-reflected-xss-on-content-type-error-manipulation",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://security.netapp.com/advisory/ntap-20250110-0006/",
      },
   ],
   sourceIdentifier: "security@hashicorp.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "security@hashicorp.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-11-16 00:15
Modified
2024-11-21 07:20
Summary
HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster peering's imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "998D584B-6C3E-49FB-8545-F7EBB7773B43",
                     versionEndIncluding: "1.13.3",
                     versionStartIncluding: "1.13.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "A3E6E60F-B129-4439-86E0-B872825BA652",
                     versionEndIncluding: "1.13.3",
                     versionStartIncluding: "1.13.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster peering's imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0.",
      },
      {
         lang: "es",
         value: "HashiCorp Consul y Consul Enterprise 1.13.0 hasta 1.13.3 no filtran los nodos y servicios importados del filtrado de clústeres para los endpoints HTTP o RPC utilizados por la interfaz de usuario. Se corrigió en la versión 1.14.0.",
      },
   ],
   id: "CVE-2022-3920",
   lastModified: "2024-11-21T07:20:32.077",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "security@hashicorp.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-11-16T00:15:09.747",
   references: [
      {
         source: "security@hashicorp.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2022-28-consul-cluster-peering-leaks-imported-nodes-services-information/46946",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2022-28-consul-cluster-peering-leaks-imported-nodes-services-information/46946",
      },
   ],
   sourceIdentifier: "security@hashicorp.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "security@hashicorp.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-07-17 18:15
Modified
2024-11-21 06:13
Summary
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0: a default deny policy combined with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open and allow L4 traffic. Fixed in 1.9.8 and 1.10.1.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "45B0891D-896C-46AA-AD6C-787318B837E3",
                     versionEndExcluding: "1.9.8",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "8F815B6E-D557-4A70-9928-E75EB12C880E",
                     versionEndExcluding: "1.9.8",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "AFBB4342-D380-496A-B38E-7446BEE108D9",
                     versionEndExcluding: "1.10.1",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "3A7B9301-1B89-4C79-8E6C-4FD747822096",
                     versionEndExcluding: "1.10.1",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0: a default deny policy combined with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open and allow L4 traffic. Fixed in 1.9.8 and 1.10.1.",
      },
      {
         lang: "es",
         value: "La política de denegación por defecto de HashiCorp Consul y Consul Enterprise desde la versión 1.9.0 hasta la versión 1.10.0, combinada con una única acción de denegación de intención consciente de la aplicación L7, se anula, lo que provoca que la intención falle incorrectamente en modo abierto (fail open), permitiendo el tráfico L4. Corregido en las versiones 1.9.8 y 1.10.1.",
      },
   ],
   id: "CVE-2021-36213",
   lastModified: "2024-11-21T06:13:19.590",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-07-17T18:15:07.820",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-16-consul-s-application-aware-intentions-deny-action-fails-open-when-combined-with-default-deny-policy/26855",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Product",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-16-consul-s-application-aware-intentions-deny-action-fails-open-when-combined-with-default-deny-policy/26855",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Third Party Advisory",
         ],
         url: "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-01-11 06:15
Modified
2024-11-21 06:20
Summary
An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.
References
cve@mitre.org — https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025 — Third Party Advisory
cve@mitre.org — https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc — Patch, Third Party Advisory
cve@mitre.org — https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2 — Patch, Third Party Advisory
cve@mitre.org — https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff%40%3Cnotifications.skywalking.apache.org%3E
cve@mitre.org — https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e%40%3Ccommits.pulsar.apache.org%3E
cve@mitre.org — https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44%40%3Ccommits.pulsar.apache.org%3E
cve@mitre.org — https://security.netapp.com/advisory/ntap-20210219-0006/ — Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 — https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025 — Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 — https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc — Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 — https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2 — Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 — https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff%40%3Cnotifications.skywalking.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108 — https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e%40%3Ccommits.pulsar.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108 — https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44%40%3Ccommits.pulsar.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108 — https://security.netapp.com/advisory/ntap-20210219-0006/ — Third Party Advisory
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:golang:protobuf:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F29C1D9-5DC9-4075-BE27-D72F9F69F95B",
                     versionEndExcluding: "1.3.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "3CFEFC70-871E-4DC3-B23E-E7AFBE7106C1",
                     versionEndExcluding: "1.8.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "D8536B85-06DD-4498-BFB5-C729CF5346C6",
                     versionEndExcluding: "1.8.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "EA1C73D1-3A32-488A-B5EC-7BDFA7DBD417",
                     versionEndExcluding: "1.9.9",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "4EA73576-AADE-4142-8617-937F9E5A32F8",
                     versionEndExcluding: "1.9.9",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "19BE17DA-3808-42DD-817A-B43CE7619281",
                     versionEndExcluding: "1.10.2",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "AE470E84-7E0A-4EFC-91CF-A297C1C3D4FC",
                     versionEndExcluding: "1.10.2",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
      },
      {
         lang: "es",
         value: "Se detectó un problema en GoGo Protobuf versiones anteriores a 1.3.2.&#xa0;El archivo plugin/unmarshal/unmarshal.go carece de determinada comprobación de índice, también se conoce como el problema \"skippy peanut butter\"",
      },
   ],
   id: "CVE-2021-3121",
   lastModified: "2024-11-21T06:20:55.957",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-01-11T06:15:13.460",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff%40%3Cnotifications.skywalking.apache.org%3E",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e%40%3Ccommits.pulsar.apache.org%3E",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44%40%3Ccommits.pulsar.apache.org%3E",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210219-0006/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff%40%3Cnotifications.skywalking.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e%40%3Ccommits.pulsar.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44%40%3Ccommits.pulsar.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210219-0006/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-129",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-09-07 12:15
Modified
2024-11-21 06:17
Summary
HashiCorp Consul and Consul Enterprise up to and including 1.10.1: the Txn.Apply endpoint was missing the authorization check (CWE-862) that should restrict proxy registration, so a service could register proxies for other services and thereby gain access to those services' traffic. Although the original description names only 1.10.1, the NVD version ranges in this record mark releases before 1.8.15, 1.9.0 through 1.9.8 and 1.10.0 through 1.10.1 as affected. Fixed in 1.8.15, 1.9.9 and 1.10.2.
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "3CFEFC70-871E-4DC3-B23E-E7AFBE7106C1",
                     versionEndExcluding: "1.8.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "D8536B85-06DD-4498-BFB5-C729CF5346C6",
                     versionEndExcluding: "1.8.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "EA1C73D1-3A32-488A-B5EC-7BDFA7DBD417",
                     versionEndExcluding: "1.9.9",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "4EA73576-AADE-4142-8617-937F9E5A32F8",
                     versionEndExcluding: "1.9.9",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "19BE17DA-3808-42DD-817A-B43CE7619281",
                     versionEndExcluding: "1.10.2",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "AE470E84-7E0A-4EFC-91CF-A297C1C3D4FC",
                     versionEndExcluding: "1.10.2",
                     versionStartIncluding: "1.10.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. Fixed in 1.8.15, 1.9.9 and 1.10.2.",
      },
      {
         lang: "es",
         value: "El endpoint Txn.Apply de HashiCorp Consul y Consul Enterprise versión 1.10.1, permitía que los servicios registraran proxies para otros servicios, permitiendo el acceso al tráfico de los mismos. Corregido en versiones 1.8.15, 1.9.9 y 1.10.2",
      },
   ],
   id: "CVE-2021-38698",
   lastModified: "2024-11-21T06:17:55.753",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 4,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-09-07T12:15:07.930",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-24-consul-missing-authorization-check-on-txn-apply-endpoint/29026",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Product",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2021-24-consul-missing-authorization-check-on-txn-apply-endpoint/29026",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-09",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
            "Vendor Advisory",
         ],
         url: "https://www.hashicorp.com/blog/category/consul",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-06-02 23:15
Modified
2024-11-21 07:38
Summary
Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with a service of the same name as a local service could corrupt Consul state, resulting in denial of service. Note a fixed-version discrepancy in this record: the advisory text says the issue was resolved in Consul 1.14.5 and 1.15.3, but the NVD version ranges below mark every 1.13.x/1.14.x release before 1.14.7 (and 1.15.0 through 1.15.2) as vulnerable, so treat 1.14.7 and 1.15.3 as the safe versions. HashiCorp rates this CVSS 3.1 4.9 (PR:H), presumably because the attacker must control a peered cluster, whereas NVD rates it 7.5 (PR:N); the vendor score is the better fit for the peering precondition described above.
Impacted products
Vendor Product Version
hashicorp consul *
hashicorp consul *
hashicorp consul *
hashicorp consul *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "0047DE25-5AF8-4BE3-BAE0-883C5B933D56",
                     versionEndExcluding: "1.14.7",
                     versionStartIncluding: "1.13.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "A54134BC-44F1-490A-90C6-DA20ADFF2239",
                     versionEndExcluding: "1.14.7",
                     versionStartIncluding: "1.13.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "9D592391-F006-4F99-BF39-DAA3D2B86305",
                     versionEndExcluding: "1.15.3",
                     versionStartIncluding: "1.15.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "12E16E32-03E5-44B6-BAB5-8809E6E852F4",
                     versionEndExcluding: "1.15.3",
                     versionStartIncluding: "1.15.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5, and 1.15.3",
      },
   ],
   id: "CVE-2023-1297",
   lastModified: "2024-11-21T07:38:52.020",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 4.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 3.6,
            source: "security@hashicorp.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-06-02T23:15:09.293",
   references: [
      {
         source: "security@hashicorp.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2023-15-consul-cluster-peering-can-result-in-denial-of-service/54515",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://discuss.hashicorp.com/t/hcsec-2023-15-consul-cluster-peering-can-result-in-denial-of-service/54515",
      },
   ],
   sourceIdentifier: "security@hashicorp.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-826",
            },
         ],
         source: "security@hashicorp.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}