All the vulnerabilites related to HashiCorp - Consul Enterprise
cve-2023-3518
Vulnerability from cvelistv5
Published
2023-08-09 15:06
Modified
2024-10-08 14:56
Severity ?
EPSS score ?
Summary
HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | HashiCorp | Consul |
Version: 1.16.0 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:55:03.386Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://discuss.hashicorp.com/t/hcsec-2023-25-consul-jwt-auth-in-l7-intentions-allow-for-mismatched-service-identity-and-jwt-providers/57004" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-3518", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T14:42:29.313810Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-08T14:56:28.934Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul", "repo": "https://github.com/hashicorp/consul", "vendor": "HashiCorp", "versions": [ { "status": "affected", "version": "1.16.0" } ] }, { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul Enterprise", "repo": "https://github.com/hashicorp/consul", "vendor": "HashiCorp", "versions": [ { "status": "affected", "version": "1.16.0" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eHashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1.\u003c/p\u003e\u003cbr/\u003e" } ], "value": "HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1." } ], "impacts": [ { "capecId": "CAPEC-1", "descriptions": [ { "lang": "en", "value": "CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs" } ] } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-266", "description": "CWE-266: Incorrect Privilege Assignment", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-26T21:02:13.649Z", "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp" }, "references": [ { "url": "https://discuss.hashicorp.com/t/hcsec-2023-25-consul-jwt-auth-in-l7-intentions-allow-for-mismatched-service-identity-and-jwt-providers/57004" } ], "source": { "advisory": "HCSEC-2023-25", "discovery": "INTERNAL" }, "title": "JWT Auth in L7 Intentions Allow For Mismatched Service Identity and JWT Providers for Access" } }, "cveMetadata": { "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "assignerShortName": "HashiCorp", "cveId": "CVE-2023-3518", "datePublished": "2023-08-09T15:06:52.406Z", "dateReserved": "2023-07-05T21:02:24.890Z", "dateUpdated": "2024-10-08T14:56:28.934Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-10086
Vulnerability from cvelistv5
Published
2024-10-30 21:21
Modified
2024-10-31 13:49
Severity ?
EPSS score ?
Summary
A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | HashiCorp | Consul |
Version: 1.4.1 ≤ |
||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-10086", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-31T13:49:16.403136Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-31T13:49:28.120Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul", "repo": "https://github.com/hashicorp/consul", "vendor": "HashiCorp", "versions": [ { "lessThan": "1.20.0", "status": "affected", "version": "1.4.1", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul Enterprise", "repo": "https://github.com/hashicorp/consul", "vendor": "HashiCorp", "versions": [ { "changes": [ { "at": "1.19.3", "status": "unaffected" }, { "at": "1.18.5", "status": "unaffected" }, { "at": "1.15.15", "status": "unaffected" } ], "lessThan": "1.20.0", "status": "affected", "version": "1.4.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eA vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.\u003c/p\u003e\u003cbr/\u003e" } ], "value": "A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS." } ], "impacts": [ { "capecId": "CAPEC-63", "descriptions": [ { "lang": "en", "value": "CAPEC-63: Cross-Site Scripting (XSS)" } ] } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-30T21:21:46.559Z", "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp" }, "references": [ { "url": "https://discuss.hashicorp.com/t/hcsec-2024-24-consul-vulnerable-to-reflected-xss-on-content-type-error-manipulation" } ], "source": { "advisory": "HCSEC-2024-24", "discovery": "EXTERNAL" }, "title": "Consul Vulnerable To Reflected XSS On Content-Type Error Manipulation" } }, "cveMetadata": { "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "assignerShortName": "HashiCorp", "cveId": "CVE-2024-10086", "datePublished": "2024-10-30T21:21:46.559Z", "dateReserved": "2024-10-17T15:23:28.133Z", "dateUpdated": "2024-10-31T13:49:28.120Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1297
Vulnerability from cvelistv5
Published
2023-06-02 22:48
Modified
2024-08-02 05:41
Severity ?
EPSS score ?
Summary
Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5, and 1.15.3
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | HashiCorp | Consul |
Version: 1.14.0 ≤ 1.14.5 Version: 1.15.0 ≤ 1.15.3 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:41:00.070Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://discuss.hashicorp.com/t/hcsec-2023-15-consul-cluster-peering-can-result-in-denial-of-service/54515" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul", "repo": "https://github.com/hashicorp/consul", "vendor": "HashiCorp", "versions": [ { "lessThanOrEqual": "1.14.5", "status": "affected", "version": "1.14.0", "versionType": "semver" }, { "lessThanOrEqual": "1.15.3", "status": "affected", "version": "1.15.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul Enterprise", "vendor": "HashiCorp", "versions": [ { "lessThanOrEqual": "1.14.5", "status": "affected", "version": "1.14.0", "versionType": "semver" }, { "lessThanOrEqual": "1.15.3", "status": "affected", "version": "1.15.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "To exploit this vulnerability, an attacker requires access to an ACL token with service:write permissions in a cluster that uses cluster peering." } ], "value": "Consul and Consul Enterprise\u0027s cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5, and 1.15.3" } ], "impacts": [ { "capecId": "CAPEC-176", "descriptions": [ { "lang": "en", "value": "CAPEC-176: Configuration/Environment Manipulation" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-826", "description": "CWE-826: Premature Release of Resource During Expected Lifetime", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-02T22:48:28.938Z", "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp" }, "references": [ { "url": "https://discuss.hashicorp.com/t/hcsec-2023-15-consul-cluster-peering-can-result-in-denial-of-service/54515" } ], "source": { "discovery": "INTERNAL" }, "title": " Consul Cluster Peering can Result in Denial of Service" } }, "cveMetadata": { "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "assignerShortName": "HashiCorp", "cveId": "CVE-2023-1297", "datePublished": "2023-06-02T22:48:28.938Z", "dateReserved": "2023-03-09T18:51:51.406Z", "dateUpdated": "2024-08-02T05:41:00.070Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3920
Vulnerability from cvelistv5
Published
2022-11-15 23:25
Modified
2024-08-03 01:20
Severity ?
EPSS score ?
Summary
HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster filtering's imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | HashiCorp | Consul |
Version: 1.13.0 Version: 1.13.1 Version: 1.13.2 Version: 1.13.3 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:20:58.854Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://discuss.hashicorp.com/t/hcsec-2022-28-consul-cluster-peering-leaks-imported-nodes-services-information/46946" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul", "repo": "https://github.com/hashicorp/consul", "vendor": "HashiCorp", "versions": [ { "status": "affected", "version": "1.13.0" }, { "status": "affected", "version": "1.13.1" }, { "status": "affected", "version": "1.13.2" }, { "status": "affected", "version": "1.13.3" } ] }, { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul Enterprise", "vendor": "HashiCorp", "versions": [ { "status": "affected", "version": "1.13.0" }, { "status": "affected", "version": "1.13.1" }, { "status": "affected", "version": "1.13.2" }, { "status": "affected", "version": "1.13.3" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster peering\u0027s imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0." } ], "value": "HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster filtering\u0027s imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0." } ], "impacts": [ { "capecId": "CAPEC-1", "descriptions": [ { "lang": "en", "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-15T23:25:30.161Z", "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp" }, "references": [ { "url": "https://discuss.hashicorp.com/t/hcsec-2022-28-consul-cluster-peering-leaks-imported-nodes-services-information/46946" } ], "source": { "discovery": "INTERNAL" }, "title": "Consul Peering Imported Nodes/Services Leak" } }, "cveMetadata": { "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "assignerShortName": "HashiCorp", "cveId": "CVE-2022-3920", "datePublished": "2022-11-15T23:25:30.161Z", "dateReserved": "2022-11-09T23:10:38.071Z", "dateUpdated": "2024-08-03T01:20:58.854Z", "requesterUserId": "5311d85b-fc2e-473d-9ddd-71031e52448b", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-10006
Vulnerability from cvelistv5
Published
2024-10-30 21:20
Modified
2024-10-31 13:59
Severity ?
EPSS score ?
Summary
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | HashiCorp | Consul |
Version: 1.9.0 ≤ |
||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:hashicorp:consul:-:*:*:*:enterprise:*:*:*" ], "defaultStatus": "unaffected", "product": "consul", "vendor": "hashicorp", "versions": [ { "lessThan": "1.20.1", "status": "affected", "version": "1.9.0", "versionType": "semver" }, { "status": "unaffected", "version": "1.19.3" }, { "status": "unaffected", "version": "1.18.5" }, { "status": "unaffected", "version": "1.15.15" } ] }, { "cpes": [ "cpe:2.3:a:hashicorp:consul:*:*:*:*:community:*:*:*" ], "defaultStatus": "unaffected", "product": "consul", "vendor": "hashicorp", "versions": [ { "lessThan": "1.20.1", "status": "affected", "version": "1.9.0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-10006", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-31T13:49:58.696502Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-31T13:59:13.505Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul", "repo": "https://github.com/hashicorp/consul", "vendor": "HashiCorp", "versions": [ { "lessThan": "1.20.1", "status": "affected", "version": "1.9.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul Enterprise", "repo": "https://github.com/hashicorp/consul", "vendor": "HashiCorp", "versions": [ { "changes": [ { "at": "1.19.3", "status": "unaffected" }, { "at": "1.18.5", "status": "unaffected" }, { "at": "1.15.15", "status": "unaffected" } ], "lessThan": "1.20.1", "status": "affected", "version": "1.9.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eA vulnerability was identified in Consul and Consul Enterprise (\u201cConsul\u201d) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.\u003c/p\u003e\u003cbr/\u003e" } ], "value": "A vulnerability was identified in Consul and Consul Enterprise (\u201cConsul\u201d) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules." } ], "impacts": [ { "capecId": "CAPEC-220", "descriptions": [ { "lang": "en", "value": "CAPEC-220: Client-Server Protocol Manipulation" } ] } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-644", "description": "CWE-644: Improper Neutralization of HTTP Headers", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-30T21:20:37.011Z", "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp" }, "references": [ { "url": "https://discuss.hashicorp.com/t/hcsec-2024-23-consul-l7-intentions-vulnerable-to-headers-bypass" } ], "source": { "advisory": "HCSEC-2024-23", "discovery": "EXTERNAL" }, "title": "Consul L7 Intentions Vulnerable To Headers Bypass" } }, "cveMetadata": { "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "assignerShortName": "HashiCorp", "cveId": "CVE-2024-10006", "datePublished": "2024-10-30T21:20:37.011Z", "dateReserved": "2024-10-15T17:46:48.500Z", "dateUpdated": "2024-10-31T13:59:13.505Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2816
Vulnerability from cvelistv5
Published
2023-06-02 22:43
Modified
2024-10-07 20:12
Severity ?
EPSS score ?
Summary
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | HashiCorp | Consul |
Version: 1.15.0 Version: 1.15.1 Version: 1.15.2 |
||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:hashicorp:consul:1.15.0:*:*:*:-:*:*:*" ], "defaultStatus": "unaffected", "product": "consul", "vendor": "hashicorp", "versions": [ { "lessThanOrEqual": "1.15.2", "status": "affected", "version": "1.15.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:hashicorp:consul:1.15.0:*:*:*:enterprise:*:*:*" ], "defaultStatus": "unaffected", "product": "consul", "vendor": "hashicorp", "versions": [ { "lessThanOrEqual": "1.15.2", "status": "affected", "version": "1.15.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-2816", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-07T20:11:32.907747Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-07T20:12:01.627Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T06:33:05.672Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://discuss.hashicorp.com/t/hcsec-2023-16-consul-envoy-extension-downstream-proxy-configuration-by-upstream-service-owner/54525" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul", "repo": "https://github.com/hashicorp/consul", "vendor": "HashiCorp", "versions": [ { "status": "affected", "version": "1.15.0" }, { "status": "affected", "version": "1.15.1" }, { "status": "affected", "version": "1.15.2" } ] }, { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul Enterprise", "repo": "https://github.com/hashicorp/consul", "vendor": "HashiCorp", "versions": [ { "status": "affected", "version": "1.15.0" }, { "status": "affected", "version": "1.15.1" }, { "status": "affected", "version": "1.15.2" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eConsul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies.\u003c/p\u003e\u003cbr/\u003e" } ], "value": "Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies." } ], "impacts": [ { "capecId": "CAPEC-113", "descriptions": [ { "lang": "en", "value": "CAPEC-113: Interface Manipulation" } ] } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-266", "description": "CWE-266: Incorrect Privilege Assignment", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-26T18:59:27.367Z", "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp" }, "references": [ { "url": "https://discuss.hashicorp.com/t/hcsec-2023-16-consul-envoy-extension-downstream-proxy-configuration-by-upstream-service-owner/54525" } ], "source": { "advisory": "HCSEC-2023-16", "discovery": "INTERNAL" }, "title": "Consul Envoy Extension Downsteam Proxy Configuration By Upstream Service Owner" } }, "cveMetadata": { "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "assignerShortName": "HashiCorp", "cveId": "CVE-2023-2816", "datePublished": "2023-06-02T22:43:34.553Z", "dateReserved": "2023-05-19T18:11:06.618Z", "dateUpdated": "2024-10-07T20:12:01.627Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0845
Vulnerability from cvelistv5
Published
2023-03-09 15:14
Modified
2024-08-02 05:24
Severity ?
EPSS score ?
Summary
Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | HashiCorp | Consul |
Version: 1.14.0 Version: 1.14.1 Version: 1.14.2 Version: 1.14.3 Version: 1.14.4 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:24:34.464Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://discuss.hashicorp.com/t/hcsec-2023-06-consul-server-panic-when-ingress-and-api-gateways-configured-with-peering-connections/51197" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul", "repo": "https://github.com/hashicorp/consul", "vendor": "HashiCorp", "versions": [ { "status": "affected", "version": "1.14.0" }, { "status": "affected", "version": "1.14.1" }, { "status": "affected", "version": "1.14.2" }, { "status": "affected", "version": "1.14.3" }, { "status": "affected", "version": "1.14.4" } ] }, { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul Enterprise", "vendor": "HashiCorp", "versions": [ { "status": "affected", "version": "1.14.0" }, { "status": "affected", "version": "1.14.1" }, { "status": "affected", "version": "1.14.2" }, { "status": "affected", "version": "1.14.3" }, { "status": "affected", "version": "1.14.4" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "To exploit this vulnerability, an attacker requires access to an ACL token with service:write permissions, and there needs to be at least one running ingress or API gateway that is configured to route traffic to an upstream service." } ], "value": "Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5." } ], "impacts": [ { "capecId": "CAPEC-113", "descriptions": [ { "lang": "en", "value": "CAPEC-113: Interface Manipulation" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476: Null Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-09T15:14:26.581Z", "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp" }, "references": [ { "url": "https://discuss.hashicorp.com/t/hcsec-2023-06-consul-server-panic-when-ingress-and-api-gateways-configured-with-peering-connections/51197" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/" } ], "source": { "discovery": "INTERNAL" }, "title": "Consul Server Panic when Ingress and API Gateways Configured with Peering" } }, "cveMetadata": { "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "assignerShortName": "HashiCorp", "cveId": "CVE-2023-0845", "datePublished": "2023-03-09T15:14:26.581Z", "dateReserved": "2023-02-15T15:53:44.942Z", "dateUpdated": "2024-08-02T05:24:34.464Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-10005
Vulnerability from cvelistv5
Published
2024-10-30 21:19
Modified
2024-10-31 14:01
Severity ?
EPSS score ?
Summary
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | HashiCorp | Consul |
Version: 1.9.0 ≤ |
||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:hashicorp:consul:-:*:*:*:enterprise:*:*:*" ], "defaultStatus": "unaffected", "product": "consul", "vendor": "hashicorp", "versions": [ { "lessThan": "1.20.1", "status": "affected", "version": "1.9.0", "versionType": "semver" }, { "status": "unaffected", "version": "1.19.3" }, { "status": "unaffected", "version": "1.18.5" }, { "status": "unaffected", "version": "1.15.15" } ] }, { "cpes": [ "cpe:2.3:a:hashicorp:consul:*:*:*:*:community:*:*:*" ], "defaultStatus": "unaffected", "product": "consul", "vendor": "hashicorp", "versions": [ { "lessThan": "1.20.1", "status": "affected", "version": "1.9.0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-10005", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-31T13:59:37.966921Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-31T14:01:55.370Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul", "repo": "https://github.com/hashicorp/consul", "vendor": "HashiCorp", "versions": [ { "lessThan": "1.20.1", "status": "affected", "version": "1.9.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "platforms": [ "64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux" ], "product": "Consul Enterprise", "repo": "https://github.com/hashicorp/consul", "vendor": "HashiCorp", "versions": [ { "changes": [ { "at": "1.19.3", "status": "unaffected" }, { "at": "1.18.5", "status": "unaffected" }, { "at": "1.15.15", "status": "unaffected" } ], "lessThan": "1.20.1", "status": "affected", "version": "1.9.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eA vulnerability was identified in Consul and Consul Enterprise (\u201cConsul\u201d) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.\u003c/p\u003e\u003cbr/\u003e" } ], "value": "A vulnerability was identified in Consul and Consul Enterprise (\u201cConsul\u201d) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules." } ], "impacts": [ { "capecId": "CAPEC-126", "descriptions": [ { "lang": "en", "value": "CAPEC-126: Path Traversal" } ] } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-30T21:19:22.576Z", "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp" }, "references": [ { "url": "https://discuss.hashicorp.com/t/hcsec-2024-22-consul-l7-intentions-vulnerable-to-url-path-bypass" } ], "source": { "advisory": "HCSEC-2024-22", "discovery": "EXTERNAL" }, "title": "Consul L7 Intentions Vulnerable To URL Path Bypass" } }, "cveMetadata": { "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "assignerShortName": "HashiCorp", "cveId": "CVE-2024-10005", "datePublished": "2024-10-30T21:19:22.576Z", "dateReserved": "2024-10-15T17:46:30.633Z", "dateUpdated": "2024-10-31T14:01:55.370Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }