Filter

HashiCorp ConsulConsul Vulnerable To Reflected XSS On Content-Type Error Manipulation

First published (updated )

HashiCorp ConsulConsul L7 Intentions Vulnerable To Headers Bypass

8.3
First published (updated )

HashiCorp ConsulConsul L7 Intentions Vulnerable To URL Path Bypass

8.1
First published (updated )

HashiCorp ConsulDependency on Vulnerable Third-Party Component in GitLab

8.1
First published (updated )

HashiCorp ConsulJWT Auth in L7 Intentions Allow For Mismatched Service Identity and JWT Providers for Access

7.4
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

HashiCorp ConsulConsul Cluster Peering can Result in Denial of Service

7.5
First published (updated )

HashiCorp ConsulConsul Envoy Extension Downsteam Proxy Configuration By Upstream Service Owner

8.7
First published (updated )

HashiCorp ConsulConsul Server Panic when Ingress and API Gateways Configured with Peering

First published (updated )

HashiCorp ConsulConsul Peering Imported Nodes/Services Leak

7.5
First published (updated )

HashiCorp ConsulHashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 did not properly validate the node or segmen…

7.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

HashiCorp ConsulHashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SA…

First published (updated )

HashiCorp ConsulSSRF

7.5
First published (updated )

HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at lea…

First published (updated )

HashiCorp ConsulHashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has Incorre…

8.8
First published (updated )

HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxie…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid c…

8.8
First published (updated )

HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 app…

7.5
First published (updated )

HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not v…

7.5
First published (updated )

HashiCorp ConsulHashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically craf…

7.5
First published (updated )

HashiCorp ConsulXSS

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

HashiCorp ConsulOut-of-bounds Read

8.6
First published (updated )

HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed operators with operator:read ACL pe…

First published (updated )

go/github.com/hashicorp/consulHashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can…

7.5
First published (updated )

HashiCorp ConsulInput Validation

7.5
First published (updated )

HashiCorp ConsulHashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to no…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

HashiCorp ConsulHashiCorp Consul and Consul Enterprise could crash when configured with an abnormally-formed service…

7.5
First published (updated )

HashiCorp ConsulHashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced…

7.5
First published (updated )

HashiCorp ConsulHashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usag…

7.5
First published (updated )

HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all…

First published (updated )

HashiCorp ConsulHashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Keys not matching a specific ACL …

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

HashiCorp ConsulHashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In o…

7.4
First published (updated )

HashiCorp ConsulHashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended acces…

8.1
First published (updated )

HashiCorp ConsulHashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the …

First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203