Lucene search
GoogleOSV:CVE-2019-12291HistoryJun 06, 2019 - 5:29 p.m.
CVE-2019-12291
2019-06-0617:29:00
Google
osv.dev
2
HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Keys not matching a specific ACL rule used for prefix matching in a policy can be deleted by a token using that policy even with default deny settings configured.
| CPE | Name | Operator | Version |
|---|---|---|---|
| consul | eq | 1.4.3 | |
| consul | eq | api/v1.1.0 | |
| consul | eq | internal/v0.1.0 | |
| consul | eq | sdk/v0.1.0 | |
| consul | eq | 1.4.4 | |
| consul | eq | 1.4.0 | |
| consul | eq | 1.4.1 | |
| consul | eq | 1.5.0 | |
| consul | eq | api/v1.0.1 | |
| consul | eq | sdk/v0.1.1 |
References
Related
nvd
nvd
CVE-2019-12291
2019-06-06 17:29:00
cvelist
cvelist
CVE-2019-12291
2019-06-06 16:35:38
ubuntucve
ubuntucve
CVE-2019-12291
2019-06-06 00:00:00
github
github
HashiCorp Consul Incorrect Access Control vulnerability
2023-06-09 23:23:42
cve
cve
CVE-2019-12291
2019-06-06 17:29:00
veracode
veracode
Unauthorised Deletion
2019-06-04 05:30:48
osv
osv
HashiCorp Consul Incorrect Access Control vulnerability
2023-06-09 23:23:42
prion
prion
Design/Logic Flaw
2019-06-06 17:29:00
debiancve
debiancve
CVE-2019-12291
2019-06-06 17:29:00