CVE-2023-0845

🗓️ 09 Mar 2023 15:14:26Reported by HashiCorpType

Consul & Consul Enterprise authenticated user workflow trigger vulnerability

Reporter	Title	Published	Views	Family All 44
AlpineLinux	CVE-2023-0845	9 Mar 202316:15	–	alpinelinux
Chainguard	CVE-2023-0845 vulnerabilities	9 Mar 202316:15	–	cgr
Circl	CVE-2023-0845	14 Apr 202323:56	–	circl
CNNVD	HashiCorp Consul 代码问题漏洞	9 Mar 202300:00	–	cnnvd
Cvelist	CVE-2023-0845 Consul Server Panic when Ingress and API Gateways Configured with Peering	9 Mar 202315:14	–	cvelist
Debian CVE	CVE-2023-0845	9 Mar 202315:14	–	debiancve
EUVD	EUVD-2023-1131	3 Oct 202520:07	–	euvd
Fedora	[SECURITY] Fedora 38 Update: moby-engine-24.0.5-1.fc38	30 Aug 202301:37	–	fedora
Fedora	[SECURITY] Fedora 37 Update: moby-engine-24.0.5-1.fc37	5 Sep 202300:47	–	fedora
Fedora	[SECURITY] Fedora 39 Update: moby-engine-24.0.5-1.fc39	15 Sep 202319:03	–	fedora

NVD

Node

hashicorp consulRange<1.14.5-

[
  {
    "vendor": "HashiCorp",
    "product": "Consul",
    "platforms": [
      "64 bit",
      "32 bit",
      "x86",
      "ARM",
      "MacOS",
      "Windows",
      "Linux"
    ],
    "repo": "https://github.com/hashicorp/consul",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.0"
      },
      {
        "status": "affected",
        "version": "1.14.1"
      },
      {
        "status": "affected",
        "version": "1.14.2"
      },
      {
        "status": "affected",
        "version": "1.14.3"
      },
      {
        "status": "affected",
        "version": "1.14.4"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "HashiCorp",
    "product": "Consul Enterprise",
    "platforms": [
      "64 bit",
      "32 bit",
      "x86",
      "ARM",
      "MacOS",
      "Windows",
      "Linux"
    ],
    "versions": [
      {
        "status": "affected",
        "version": "1.14.0"
      },
      {
        "status": "affected",
        "version": "1.14.1"
      },
      {
        "status": "affected",
        "version": "1.14.2"
      },
      {
        "status": "affected",
        "version": "1.14.3"
      },
      {
        "status": "affected",
        "version": "1.14.4"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
discuss	www.discuss.hashicorp.com/t/hcsec-2023-06-consul-server-panic-when-ingress-and-api-gateways-configured-with-peering-connections/51197
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/

21 Nov 2024 07:37Current

5.6Medium risk

Vulners AI Score5.6

CVSS 3.14.9 - 6.5

EPSS0.0039

SSVC

CWE-476