DirectorySecurity Advisories
Sign In
Security Advisories

CGA-9fxc-gjpw-fw7h

Published

Last updated

https://images.chainguard.dev/security/CGA-9fxc-gjpw-fw7h
Package

consul-1.17

Latest Update
Not affected
Aliases
  • CVE-2021-37219
  • GHSA-ccw8-7688-vqx4

Severity

8.8

High

CVSS V3

Summary

HashiCorp Consul Privilege Escalation Vulnerability

Description

HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.

References

Updates

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsOpen SourceCareersNewsroomLegal

Resources

Unchained BlogResearchEventsTrust CenterDocumentation