{"uuid": "1a305241-21dd-499b-9837-b47bb74a0121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3920", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13908", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3920\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster filtering's imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0.\n\ud83d\udccf Published: 2022-11-15T23:25:30.161Z\n\ud83d\udccf Modified: 2025-04-29T20:02:00.547Z\n\ud83d\udd17 References:\n1. https://discuss.hashicorp.com/t/hcsec-2022-28-consul-cluster-peering-leaks-imported-nodes-services-information/46946", "creation_timestamp": "2025-04-29T20:12:30.000000Z"}