Filters
Versions
HashiCorp ConsulConsul Vulnerable To Reflected XSS On Content-Type Error Manipulation
6.1
First published (updated )
HashiCorp ConsulConsul L7 Intentions Vulnerable To Headers Bypass
8.3
First published (updated )
HashiCorp ConsulConsul L7 Intentions Vulnerable To URL Path Bypass
8.1
First published (updated )
HashiCorp ConsulDependency on Vulnerable Third-Party Component in GitLab
8.1
First published (updated )
HashiCorp ConsulJWT Auth in L7 Intentions Allow For Mismatched Service Identity and JWT Providers for Access
7.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
HashiCorp ConsulConsul Cluster Peering can Result in Denial of Service
7.5
First published (updated )
HashiCorp ConsulConsul Envoy Extension Downsteam Proxy Configuration By Upstream Service Owner
8.7
First published (updated )
HashiCorp ConsulConsul Server Panic when Ingress and API Gateways Configured with Peering
6.5
First published (updated )
HashiCorp ConsulConsul Peering Imported Nodes/Services Leak
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 did not properly validate the node or segmen…
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
HashiCorp ConsulHashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SA…
6.5
First published (updated )
HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at lea…
6.5
First published (updated )
HashiCorp ConsulHashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has Incorre…
8.8
First published (updated )
HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxie…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid c…
8.8
First published (updated )
HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 app…
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not v…
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically craf…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed operators with operator:read ACL pe…
6.5
First published (updated )
go/github.com/hashicorp/consulHashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can…
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to no…
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
HashiCorp ConsulHashiCorp Consul and Consul Enterprise could crash when configured with an abnormally-formed service…
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced…
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usag…
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all…
5.3
First published (updated )
HashiCorp ConsulHashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Keys not matching a specific ACL …
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
HashiCorp ConsulHashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In o…
7.4
First published (updated )
HashiCorp ConsulHashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended acces…
8.1
First published (updated )
HashiCorp ConsulHashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the …
5.9
First published (updated )