CVE-2023-2816: Consul Envoy Extension Downsteam Proxy Configuration By Upstream Service Owner
First published: Fri Jun 02 2023(Updated: )
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies.
Credit: security@hashicorp.com security@hashicorp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HashiCorp Consul | >=1.15.0<1.15.3 | |
| HashiCorp Consul | >=1.15.0<1.15.3 | |
| go/github.com/hashicorp/consul | >=1.15.0<1.15.3 | 1.15.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-2816?
CVE-2023-2816 is a vulnerability in Consul and Consul Enterprise that allowed any user with service:write permissions to use Envoy extensions to patch remote proxy instances targeting a configured service, regardless of their permission to modify the service.
What is the severity of CVE-2023-2816?
The severity of CVE-2023-2816 is rated as high, with a severity value of 6.5.
What software versions are affected by CVE-2023-2816?
CVE-2023-2816 affects HashiCorp Consul versions between 1.15.0 and 1.15.3, including both the open-source version and Enterprise edition.
How can I fix CVE-2023-2816?
To fix CVE-2023-2816, update to a version of HashiCorp Consul that is not vulnerable (version 1.15.4 or newer).
Where can I find more information about CVE-2023-2816?
You can find more information about CVE-2023-2816 on the HashiCorp discussion forum: <a href='https://discuss.hashicorp.com/t/hcsec-2023-16-consul-envoy-extension-downstream-proxy-configuration-by-upstream-service-owner/54525'>https://discuss.hashicorp.com/t/hcsec-2023-16-consul-envoy-extension-downstream-proxy-configuration-by-upstream-service-owner/54525</a>.
- collector/nvd-latest
- collector/nvd-index
- agent/type
- agent/severity
- agent/title
- agent/description
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/author
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-rqjq-ww83-wv5c
- alias/CVE-2023-2816
- agent/last-modified-date
- agent/references
- agent/softwarecombine
- agent/event
- collector/nvd-cve
- agent/tags
- collector/github-advisory
- vendor/hashicorp
- canonical/hashicorp consul
- version/hashicorp consul/1.15.0
- package-manager/go