Latest Hashicorp Vulnerabilities

CVE-2024-1329
Nomad Vulnerable to Arbitrary Write Through Symlink Attack
go/github.com/hashicorp/nomad=1.7.3
go/github.com/hashicorp/nomad>=1.6.0<=1.6.6
go/github.com/hashicorp/nomad=1.5.13
HashiCorp Nomad>=1.5.13<1.5.14
HashiCorp Nomad>=1.6.6<1.6.7
HashiCorp Nomad>=1.7.3.<1.7.4
and 3 more
CVE-2024-1052
Boundary Vulnerable to Session Hijacking Through TLS Certificate Tampering
go/github.com/hashicorp/boundary>=0.8.0<0.15.0
HashiCorp Boundary>=0.8.0<0.15.0
CVE-2024-0831
Vault May Expose Sensitive Information When Configuring An Audit Log Device
go/github.com/hashicorp/vault>=1.15.0<1.15.5
HashiCorp Vault>=1.15.0<1.15.5
HashiCorp Vault>=1.15.0<1.15.5
CVE-2023-6337
Vault May be Vulnerable to a Denial of Service Through Memory Exhaustion When Handling Large HTTP Requests
go/github.com/hashicorp/vault>=1.12.0<1.13.12
go/github.com/hashicorp/vault>=1.14.0<1.14.8
go/github.com/hashicorp/vault>=1.15.0<1.15.4
<=1.12.0
<=1.12.0
>=1.13.0<1.13.12
and 5 more
CVE-2023-5332
Configuration in GitLab
GitLab GitLab>=9.5.0<16.2.8
GitLab GitLab>=16.3.0<16.3.5
GitLab GitLab=16.4.0
HashiCorp Consul<0.9.4
HashiCorp Consul>=1.0.0<1.0.8
HashiCorp Consul>=1.2.0<1.2.4
and 1 more
CVE-2023-5954
Vault Requests Triggering Policy Checks May Lead To Unbounded Memory Consumption
go/github.com/hashicorp/vault>=1.15.0<1.15.2
go/github.com/hashicorp/vault>=1.14.0<1.14.6
go/github.com/hashicorp/vault<1.13.10
HashiCorp Vault>=1.13.7<1.13.10
HashiCorp Vault>=1.13.7<1.13.10
HashiCorp Vault>=1.14.3<1.14.6
and 9 more
CVE-2023-5834
Vagrant’s Windows Installer Allowed Directory Junction Write
HashiCorp Vagrant<2.4.0
go/github.com/hashicorp/vagrant<2.4.0
CVE-2023-3775
A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potent...
HashiCorp Vault>=0.11.0<1.13.8
HashiCorp Vault>=1.14.0<1.14.4
CVE-2023-5077
The Vault and Vault Enterprise ("Vault") Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Fixed in Vault 1.13.0.
HashiCorp Vault>=0.10.0<1.13.0
HashiCorp Vault>=0.10.0<1.13.0
>=0.10.0<1.13.0
>=0.10.0<1.13.0
go/github.com/hashicorp/vault<1.13.0
redhat/vault<1.13.0
CVE-2023-4680
HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an...
go/github.com/hashicorp/vault>=1.14.0<1.14.3
go/github.com/hashicorp/vault>=1.13.0<1.13.7
go/github.com/hashicorp/vault>=1.6.0<1.12.11
HashiCorp Vault>=1.6.0<1.12.11
HashiCorp Vault>=1.6.0<1.12.11
HashiCorp Vault>=1.13.0<1.13.7
and 3 more
CVE-2023-4782
Terraform version 1.0.8 through 1.5.6 allows arbitrary file write during the `init` operation if run on maliciously crafted Terraform configuration. This vulnerability is fixed in Terraform 1.5.7.
Hashicorp Terraform>=1.0.8<1.5.7
CVE-2023-3518
A vulnerability was identified in Consul such that using JWT authentication for service mesh incorrectly allows/denies access regardless of service identities. This vulnerability, CVE-2023-3518, affec...
HashiCorp Consul=1.16.0
HashiCorp Consul=1.16.0
HashiCorp Consul=1.16.0-rc1
go/github.com/hashicorp/consul=1.16.0
CVE-2023-3462
HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. An attacker may submit requests of existent and non-existent LDAP users and observe the respo...
HashiCorp Vault>=1.13.0<1.13.5
HashiCorp Vault>=1.13.0<1.13.5
HashiCorp Vault=1.14.0
HashiCorp Vault=1.14.0
redhat/vault<1.14.1
redhat/vault<1.13.5
CVE-2023-3774
An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9.
HashiCorp Vault=1.12.8
HashiCorp Vault=1.13.4
HashiCorp Vault=1.14.0
CVE-2023-3299
HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11.
HashiCorp Nomad>=1.2.11<=1.4.10
HashiCorp Nomad>=1.2.11<=1.4.10
HashiCorp Nomad>=1.5.0<=1.5.6
HashiCorp Nomad>=1.5.0<=1.5.6
go/github.com/hashicorp/nomad>=1.5.0<1.5.7
go/github.com/hashicorp/nomad>=1.2.11<1.4.11
and 4 more
CVE-2023-3072
A vulnerability was identified in Nomad, an ACL policy using a block without label may be applied to unexpected resources. This vulnerability, CVE-2023-3072, affects Nomad from 0.7 up to 1.5.6 and 1.4...
HashiCorp Nomad>=0.7.0<=1.4.10
HashiCorp Nomad>=0.7.0<=1.4.10
HashiCorp Nomad>=1.5.0<=1.5.6
HashiCorp Nomad>=1.5.0<=1.5.6
go/github.com/hashicorp/nomad>=1.5.0<1.5.6
go/github.com/hashicorp/nomad>=0.7.0<1.4.11
and 4 more
CVE-2023-3300
A vulnerability was identified in Nomad such that the search HTTP API can reveal names of available CSI plugins to unauthenticated users or users without the plugin:read policy. This vulnerability, CV...
HashiCorp Nomad>=0.11.0<=1.4.1
HashiCorp Nomad>=0.11.0<=1.4.1
HashiCorp Nomad>=1.5.0<=1.5.6
HashiCorp Nomad>=1.5.0<=1.5.6
go/github.com/hashicorp/nomad>=1.5.0<1.5.7
go/github.com/hashicorp/nomad>=0.11.0<1.4.11
CVE-2023-3114
Terraform Enterprise since v202207-1 did not properly implement authorization rules for agent pools, allowing the workspace to be targeted by unauthorized agents. This authorization flaw could potenti...
HashiCorp Terraform Enterprise>=202207-1<202306-1
CVE-2023-2121
Vault and Vault Enterprise's (Vault) key-value v2 (kv-v2) diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is fixed in Vault 1.14.0, 1.13...
HashiCorp Vault<1.11.11
HashiCorp Vault<1.11.11
HashiCorp Vault>=1.12.0<1.12.7
HashiCorp Vault>=1.12.0<1.12.7
HashiCorp Vault>=1.13.0<1.13.3
HashiCorp Vault>=1.13.0<1.13.3
and 7 more
CVE-2023-2816
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service,...
HashiCorp Consul>=1.15.0<1.15.3
HashiCorp Consul>=1.15.0<1.15.3
CVE-2023-1297
Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial o...
HashiCorp Consul>=1.13.0<1.14.7
HashiCorp Consul>=1.13.0<1.14.7
HashiCorp Consul>=1.15.0<1.15.3
HashiCorp Consul>=1.15.0<1.15.3
CVE-2023-1782
HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizations for clusters where mTLS is not enabled. This issue is fixed in version...
HashiCorp Nomad>=1.5.0<=1.5.2
HashiCorp Nomad>=1.5.0<=1.5.2
CVE-2023-0665
HashiCorp Vault's PKI mount issuer endpoints did not correctly authorize access to remove an issuer or modify issuer metadata, potentially resulting in denial of service of the PKI mount. This bug did...
go/github.com/hashicorp/vault>=1.13.0<1.13.1
go/github.com/hashicorp/vault>=1.12.0<1.12.5
go/github.com/hashicorp/vault<1.11.9
HashiCorp Vault<1.11.9
HashiCorp Vault<1.11.9
HashiCorp Vault>=1.12.0<1.12.5
and 6 more
CVE-2023-0620
HashiCorp Vault and Vault Enterprise versions 0.8.0 until 1.13.1 are vulnerable to an SQL injection attack when using the Microsoft SQL (MSSQL) Database Storage Backend. When configuring the MSSQL plu...
HashiCorp Vault<1.11.9
HashiCorp Vault<1.11.9
HashiCorp Vault>=1.12.0<1.12.5
HashiCorp Vault>=1.12.0<1.12.5
HashiCorp Vault>=1.13.0<1.13.1
HashiCorp Vault>=1.13.0<1.13.1
and 3 more
CVE-2023-25000
HashiCorp Vault's implementation of Shamir's secret sharing used precomputed table lookups, and was vulnerable to cache-timing attacks. An attacker with access to, and the ability to observe a large n...
HashiCorp Vault<1.11.9
HashiCorp Vault<1.11.9
HashiCorp Vault>=1.12.0<1.12.5
HashiCorp Vault>=1.12.0<1.12.5
HashiCorp Vault>=1.13.0<1.13.1
HashiCorp Vault>=1.13.0<1.13.1
and 3 more
CVE-2023-1299
HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1.
HashiCorp Nomad=1.5.0
HashiCorp Nomad=1.5.0
CVE-2023-1296
HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s variables. Fixed in 1.4.6 and 1.5.1.
HashiCorp Nomad>=1.4.0<1.4.6
HashiCorp Nomad>=1.4.0<1.4.6
HashiCorp Nomad=1.5.0
HashiCorp Nomad=1.5.0
CVE-2023-24999
HashiCorp Vault and Vault Enterprise’s approle auth method allowed any authenticated user with access to an approle destroy endpoint to destroy the secret ID of any other role by providing the secret ...
HashiCorp Vault<1.10.11
HashiCorp Vault<1.10.11
HashiCorp Vault>=1.11.0<1.11.8
HashiCorp Vault>=1.11.0<1.11.8
HashiCorp Vault>=1.12.0<1.12.4
HashiCorp Vault>=1.12.0<1.12.4
CVE-2023-0845
Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This v...
HashiCorp Consul<1.14.5
go/github.com/hashicorp/consul>=1.14.0<1.14.5
CVE-2023-0821
HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage. Fixed in 1.2.16, 1.3.9, and 1.4.4.
HashiCorp Nomad<1.2.15
HashiCorp Nomad<1.2.15
HashiCorp Nomad>=1.3.0<1.3.9
HashiCorp Nomad>=1.3.0<1.3.9
HashiCorp Nomad>=1.4.0<1.4.4
HashiCorp Nomad>=1.4.0<1.4.4
CVE-2023-0475
HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0.
HashiCorp go-getter<=1.6.2
HashiCorp go-getter=2.1.1
redhat/go-getter<1.7.0
redhat/go-getter<2.2.0
CVE-2023-0690
HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after ...
HashiCorp Boundary>=0.10.0<0.12.0
CVE-2022-3920
HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster filtering's imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0.
HashiCorp Consul>=1.13.0<=1.13.3
HashiCorp Consul>=1.13.0<=1.13.3
CVE-2022-3867
HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 event stream subscribers using a token with TTL receive updates until token garbage is collected. Fixed in 1.4.2.
HashiCorp Nomad=1.4.0
HashiCorp Nomad=1.4.0
HashiCorp Nomad=1.4.1
HashiCorp Nomad=1.4.1
CVE-2022-3866
HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under `nomad/` that belong to other jobs in the same namespace. Fixed in 1.4.2.
go/github.com/hashicorp/nomad>=1.4.0<1.4.2
HashiCorp Nomad=1.4.0
HashiCorp Nomad=1.4.0
HashiCorp Nomad=1.4.1
HashiCorp Nomad=1.4.1
CVE-2022-36182
Hashicorp Boundary v0.8.0 is vulnerable to Clickjacking which allow for the interception of login credentials, re-direction of users to malicious sites, or causing users to perform malicious actions o...
HashiCorp Boundary<0.11.0
CVE-2022-41606
HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Fixed in 1.2.13, 1.3.6, and 1...
HashiCorp Nomad>=1.0.2<1.2.13
HashiCorp Nomad>=1.0.2<1.2.13
HashiCorp Nomad>=1.3.0<1.3.6
HashiCorp Nomad>=1.3.0<1.3.6
CVE-2022-41316
HashiCorp Vault and Vault Enterprise’s TLS certificate auth method did not initially load the optionally configured CRL issued by the role's CA into memory on startup, resulting in the revocation list...
HashiCorp Vault<1.9.10
HashiCorp Vault<1.9.10
HashiCorp Vault>=1.10.0<1.10.7
HashiCorp Vault>=1.10.0<1.10.7
HashiCorp Vault>=1.11.0<1.11.4
HashiCorp Vault>=1.11.0<1.11.4
CVE-2022-42717
HashiCorp Vagrant<2.3.1
Linux Linux kernel
CVE-2022-40716
HashiCorp Consul and Consul Enterprise versions prior to 1.11.9, 1.12.5, and 1.13.2 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged acce...
go/github.com/hashicorp/consul>=1.13.0<1.13.2
go/github.com/hashicorp/consul>=1.12.0<1.12.5
go/github.com/hashicorp/consul<1.11.9
HashiCorp Consul<1.11.9
HashiCorp Consul<1.11.9
HashiCorp Consul>=1.12.0<1.12.5
and 3 more
CVE-2021-41803
HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 did not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in ...
HashiCorp Consul>=1.8.1<1.11.9
HashiCorp Consul>=1.8.1<1.11.9
HashiCorp Consul=1.12.4
HashiCorp Consul=1.12.4
HashiCorp Consul=1.13.1
HashiCorp Consul=1.13.1
and 3 more
CVE-2022-40186
An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. A vulnerability in the Identity Engine was found where, in a deployment where an entity has multiple mount accessors with...
HashiCorp Vault>=1.8.0<1.9.9
HashiCorp Vault>=1.8.0<1.9.9
HashiCorp Vault>=1.10.0<1.10.6
HashiCorp Vault>=1.10.0<1.10.6
HashiCorp Vault>=1.11.0<1.11.3
HashiCorp Vault>=1.11.0<1.11.3
CVE-2022-36130
HashiCorp Boundary up to 0.10.1 did not properly perform data integrity checks to ensure the resources were associated with the correct scopes, allowing potential privilege escalation for authorized u...
HashiCorp Boundary<0.10.2
CVE-2022-38149
HashiCorp Consul Template up to 0.27.2, 0.28.2, and 0.29.1 may expose the contents of Vault secrets in the error returned by the *template.Template.Execute method, when given a template using Vault se...
HashiCorp Consul Template<0.29.2
CVE-2022-36129
HashiCorp Vault Enterprise 1.7.0 through 1.9.7, 1.10.4, and 1.11.0 clusters using Integrated Storage expose an unauthenticated API endpoint that could be abused to override the voter status of a node ...
HashiCorp Vault>=1.7.0<=1.9.7
HashiCorp Vault>=1.10.0<=1.10.4
HashiCorp Vault=1.11.0
HashiCorp Vault=1.11.0
CVE-2022-30324
HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation through the artifact stanza in submitted jobs onto the client ag...
HashiCorp Nomad>=0.2.0<1.1.14
HashiCorp Nomad>=0.2.0<1.1.14
HashiCorp Nomad>=1.2.0<1.2.8
HashiCorp Nomad>=1.2.0<1.2.8
HashiCorp Nomad=1.3.0
HashiCorp Nomad=1.3.0
CVE-2022-30321
go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink processing, and command injection flaws. Fixed in 1.6.1 and 2.1.0.
HashiCorp go-getter<=1.5.11
HashiCorp go-getter=2.0.2
redhat/github.com/hashicorp/go-getter<1.6.1
redhat/github.com/hashicorp/go-getter<2.1.0
CVE-2022-26945
go-getter up to 1.5.11 and 2.0.2 allowed protocol switching, endless redirect, and configuration bypass via abuse of custom HTTP response header processing. Fixed in 1.6.1 and 2.1.0.
HashiCorp go-getter<=1.5.11
HashiCorp go-getter=2.0.2
CVE-2022-30322
go-getter up to 1.5.11 and 2.0.2 allowed asymmetric resource exhaustion when go-getter processed malicious HTTP responses. Fixed in 1.6.1 and 2.1.0.
redhat/github.com/hashicorp/go-getter<1.6.1
redhat/github.com/hashicorp/go-getter<2.1.0
HashiCorp go-getter<=1.5.11
HashiCorp go-getter=2.0.2
CVE-2022-30323
go-getter up to 1.5.11 and 2.0.2 panicked when processing password-protected ZIP files. Fixed in 1.6.1 and 2.1.0.
HashiCorp go-getter<=1.5.11
HashiCorp go-getter=2.0.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203