CGA-3m7h-j4jg-49h2

Published

Last updated

https://images.chainguard.dev/security/CGA-3m7h-j4jg-49h2

Package

consul-1.15

Latest Update

Not affected

Aliases

CVE-2023-1297
GHSA-c57c-7hrj-6q6v

Severity

4.9

Medium

CVSS V3

Summary

Hashicorp Consul vulnerable to denial of service

Description

Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5, and 1.15.3

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1297
https://github.com/advisories/GHSA-c57c-7hrj-6q6v
https://discuss.hashicorp.com/t/hcsec-2023-15-consul-cluster-peering-can-result-in-denial-of-service/54515
https://github.com/hashicorp/consul

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CGA-3m7h-j4jg-49h2

Severity

Summary

Description

References

Updates

Product

Why Chainguard

Customers

Company

Resources