7 matches found
Hashicorp Nomad ACLs Cannot Deny Access to Workload’s Own Variables
A vulnerability was identified in Nomad and Nomad Enterprise “Nomad” such that a deny ACL capability could not be applied to a workload’s own variables. If included, the Nomad ACL system will silently fail to block access. This vulnerability, CVE-2023-1296, was fixed in Nomad 1.4.6 and 1.5.1...
GHSA-HHVX-8755-4CVW Hashicorp Nomad ACLs Cannot Deny Access to Workload’s Own Variables
A vulnerability was identified in Nomad and Nomad Enterprise “Nomad” such that a deny ACL capability could not be applied to a workload’s own variables. If included, the Nomad ACL system will silently fail to block access. This vulnerability, CVE-2023-1296, was fixed in Nomad 1.4.6 and 1.5.1...
CVE-2023-1296
creationtimestamp| type| source ---|---|--- 2023-03-14 17:23:31+00:00| seen| https://t.me/cibsecurity/59974...
CVE-2023-1296
HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s variables. Fixed in 1.4.6 and 1.5.1...
CVE-2023-1296 Nomad ACLs Can Not Deny Access to Workload's Own Variables
HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s variables. Fixed in 1.4.6 and 1.5.1...
CVE-2023-1296
Removed by vendor...
CVE-2023-1296
HashiCorp Nomad and Nomad Enterprise were vulnerable where deny policies on a workload’s variables were not enforced. Affected versions: Nomad/Nomad Enterprise 1.4.0 up to 1.5.0. Root cause involves ACL/deny policy enforcement for workload variables. Impact per sources is limited to confidential ...