
CVE-2023-5332

Source: Red Hat CVE database (RH:CVE-2023-5332), redhat.com / access.redhat.com
Published: 2023-12-05 05:42:43
Tags: cve-2023-5332, hashicorp consul, command injection, remote code execution, mitigation, api, vulnerability, loopback interface

CVSS3: 8.1 High
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

AI Score: 6.3 Medium (Confidence: High)
EPSS: 0.001 Low (Percentile: 48.3%)

A command injection flaw was found in HashiCorp's Consul script check configuration option. If the API is enabled and exposed through a public interface, it is possible to achieve remote code execution.

Mitigation

To mitigate this issue, the '-enable-script-checks' option must be removed to disable the vulnerable component. It is also possible to limit exploitability by using the '-enable-local-script-checks' option, which restricts the vulnerable feature to checks defined in local configuration only, and/or by binding the API to a loopback interface.
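As an added example (not from the Red Hat advisory and not HashiCorp's code), a small Python audit that reads a Consul agent JSON configuration and reports whether the exposed combination described above is present: script checks enabled while the HTTP API listens on a non-loopback address. It assumes Consul's documented agent keys enable_script_checks, enable_local_script_checks, client_addr and addresses.http; the sample configs are constructed.

```python
import json

# Constructed sample configs (not from the advisory): one exposed, one hardened.
VULNERABLE_CFG = '{"enable_script_checks": true, "client_addr": "0.0.0.0"}'
HARDENED_CFG = '{"enable_local_script_checks": true, "client_addr": "127.0.0.1"}'

LOOPBACK_PREFIXES = ("127.", "::1", "localhost")


def _is_loopback(addr: str) -> bool:
    """Consul accepts a space-separated list of bind addresses; all must be loopback."""
    return all(a.startswith(LOOPBACK_PREFIXES) for a in addr.split())


def assess_consul_config(cfg: dict) -> dict:
    """Classify script-check exposure for one Consul agent configuration.

    Assumed agent keys (documented by Consul, not quoted in the advisory):
      enable_script_checks         - script checks registrable via config AND HTTP API
      enable_local_script_checks   - script checks only from local config files
      client_addr / addresses.http - where the HTTP API listens (default loopback)
    """
    api_checks = bool(cfg.get("enable_script_checks", False))
    local_checks = bool(cfg.get("enable_local_script_checks", False))
    # addresses.http overrides client_addr; Consul's default client_addr is loopback.
    http_addr = cfg.get("addresses", {}).get("http") or cfg.get("client_addr", "127.0.0.1")
    api_loopback = _is_loopback(http_addr)

    if api_checks and not api_loopback:
        risk, note = "HIGH", "script checks accepted over the HTTP API on a non-loopback address"
    elif api_checks:
        risk, note = "MEDIUM", "script checks accepted over the HTTP API, but API bound to loopback only"
    elif local_checks:
        risk, note = "LOW", "script checks limited to local config files (-enable-local-script-checks)"
    else:
        risk, note = "NONE", "script checks disabled"
    return {"risk": risk, "note": note, "http_addr": http_addr}


def assess_consul_json(text: str) -> dict:
    """Parse a Consul agent JSON config file and assess it."""
    return assess_consul_config(json.loads(text))


if __name__ == "__main__":
    for label, raw in (("vulnerable", VULNERABLE_CFG), ("hardened", HARDENED_CFG)):
        print(label, assess_consul_json(raw))
```

A real deployment may also set these options on the command line ('-enable-script-checks', '-client'), so a complete audit should inspect the agent's effective runtime configuration, not only its config files.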
