{"vulnerability": "CVE-2022-40716", "sightings": [{"uuid": "ebba92a6-5557-41a5-8aee-1a7e1c375b96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40716", "type": "seen", "source": "https://t.me/cibsecurity/50316", "content": "\u203c CVE-2022-40716 \u203c\n\nHashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2.\"\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-23T16:28:22.000000Z"}]}