[ASA-202107-69] consul: multiple issues

🗓️ 27 Jul 2021 00:00:00Reported by ArchLinuxType

archlinux

archlinux🔗 security.archlinux.org👁 278 Views

Package consul version 1.9.8-1 multiple security issue

Reporter	Title	Published	Views	Family All 75
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs	26 Mar 202503:48	–	ibm
AlpineLinux	CVE-2021-32574	17 Jul 202118:15	–	alpinelinux
AlpineLinux	CVE-2021-36213	17 Jul 202118:15	–	alpinelinux
Chainguard	CVE-2021-32574 vulnerabilities	17 Jul 202118:15	–	cgr
Chainguard	CVE-2021-36213 vulnerabilities	17 Jul 202118:15	–	cgr
Circl	CVE-2021-32574	17 Jul 202122:29	–	circl
Circl	CVE-2021-36213	17 Jul 202122:29	–	circl
CNNVD	Hashicorp HashiCorp Consul 信任管理问题漏洞	17 Jul 202100:00	–	cnnvd
CNNVD	Hashicorp HashiCorp Consul 输入验证错误漏洞	17 Jul 202100:00	–	cnnvd
CVE	CVE-2021-32574	17 Jul 202117:28	–	cve

OS	OS Version	Architecture	Package	Package Version	Filename
Arch Linux	–	any	consul	1.9.8-1	consul-1.9.8-1-any.pkg.tar.zst

Source	Link
security	www.security.archlinux.org/AVG-2171
discuss	www.discuss.hashicorp.com/t/hcsec-2021-17-consul-s-envoy-tls-configuration-did-not-validate-destination-service-subject-alternative-names/26856
github	www.github.com/hashicorp/consul/issues/6364
github	www.github.com/hashicorp/consul/pull/10621
github	www.github.com/hashicorp/consul/pull/10623
github	www.github.com/hashicorp/consul/commit/2bca52fa88caedc2b6a7cc3627f3cd1f683c6d74
github	www.github.com/hashicorp/consul/commit/0b4fe4b7a2a7c400521248a0d548429963f4c614
discuss	www.discuss.hashicorp.com/t/hcsec-2021-16-consul-s-application-aware-intentions-deny-action-fails-open-when-combined-with-default-deny-policy/26855
github	www.github.com/hashicorp/consul/pull/10619
github	www.github.com/hashicorp/consul/pull/10620

27 Jul 2021 00:00Current

0.7Low risk

Vulners AI Score0.7

CVSS 25

CVSS 3.17.5

EPSS0.00802

consul security certificate_verification access_restriction_bypass hashicorp cve-2021-32574 cve-2021-36213 ssl xds l7 deny_intention upstream invalid_certificate