CVE-2020-28053

🗓️ 23 Nov 2020 14:12:15Reported by [email protected]Type

HashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed operators to read Connect CA private ke

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 20
Veracode	Privilege Escalation	7 Dec 202003:46	–	veracode
UbuntuCve	CVE-2020-28053	23 Nov 202000:00	–	ubuntucve
Tenable Nessus	FreeBSD : consul -- Fix Consul Connect CA private key configuration (8d17229f-3054-11eb-a455-ac1f6b16e566)	7 Dec 202000:00	–	nessus
Tenable Nessus	Photon OS 3.0: Consul PHSA-2021-3.0-0181	13 Jan 202100:00	–	nessus
Tenable Nessus	GLSA-202208-09 : HashiCorp Consul: Multiple Vulnerabilities	10 Aug 202200:00	–	nessus
Tenable Nessus	Photon OS 5.0: Telegraf PHSA-2023-5.0-0041	24 Jul 202400:00	–	nessus
FreeBSD	consul -- Fix Consul Connect CA private key configuration	2 Nov 202000:00	–	freebsd
OSV	BIT-consul-2020-28053	6 Mar 202410:54	–	osv
OSV	GO-2024-2505 Privilege Escalation in HashiCorp Consul in github.com/hashicorp/consul	28 Jun 202415:28	–	osv
OSV	CVE-2020-28053	23 Nov 202014:15	–	osv

Nvd

Node

hashicorp consulRange1.2.0–1.6.10-

hashicorp consulRange1.2.0–1.6.10enterprise

hashicorp consulRange1.7.0–1.7.10-

hashicorp consulRange1.7.0–1.7.10enterprise

hashicorp consulRange1.8.0–1.8.6-

hashicorp consulRange1.8.0–1.8.6enterprise

Source	Link
github	www.github.com/hashicorp/consul/blob/master/CHANGELOG.md
security	www.security.gentoo.org/glsa/202208-09
hashicorp	www.hashicorp.com/blog/category/consul

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Nov 2020 14:15Current

6.9Medium risk

Vulners AI Score6.9

CVSS24

CVSS36.5

EPSS0.00251

CWE-863