Lucene search
K

7 matches found

OSV
OSV
added 2023/07/06 7:24 p.m.17 views

GHSA-HHVX-8755-4CVW Hashicorp Nomad ACLs Cannot Deny Access to Workload’s Own Variables

A vulnerability was identified in Nomad and Nomad Enterprise “Nomad” such that a deny ACL capability could not be applied to a workload’s own variables. If included, the Nomad ACL system will silently fail to block access. This vulnerability, CVE-2023-1296, was fixed in Nomad 1.4.6 and 1.5.1...

5.3CVSS4.2AI score0.0054EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/07/06 7:24 p.m.25 views

Hashicorp Nomad ACLs Cannot Deny Access to Workload’s Own Variables

A vulnerability was identified in Nomad and Nomad Enterprise “Nomad” such that a deny ACL capability could not be applied to a workload’s own variables. If included, the Nomad ACL system will silently fail to block access. This vulnerability, CVE-2023-1296, was fixed in Nomad 1.4.6 and 1.5.1...

5.3CVSS6.7AI score0.0054EPSS
Exploits0References3Affected Software1
Circl
Circl
added 2023/03/14 5:23 p.m.7 views

CVE-2023-1296

creationtimestamp| type| source ---|---|--- 2023-03-14 17:23:31+00:00| seen| https://t.me/cibsecurity/59974...

5.3CVSS5.4AI score0.0054EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/03/14 3:15 p.m.17 views

CVE-2023-1296

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s variables. Fixed in 1.4.6 and 1.5.1...

5.3CVSS6AI score0.0054EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/14 2:45 p.m.10 views

CVE-2023-1296 Nomad ACLs Can Not Deny Access to Workload's Own Variables

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s variables. Fixed in 1.4.6 and 1.5.1...

2.7CVSS5.1AI score0.0054EPSS
Exploits0References1
CVE
CVE
added 2023/03/14 2:45 p.m.88 views

CVE-2023-1296

HashiCorp Nomad and Nomad Enterprise were vulnerable where deny policies on a workload’s variables were not enforced. Affected versions: Nomad/Nomad Enterprise 1.4.0 up to 1.5.0. Root cause involves ACL/deny policy enforcement for workload variables. Impact per sources is limited to confidential ...

5.3CVSS4.4AI score0.0054EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2023/03/14 2:45 p.m.17 views

CVE-2023-1296

Removed by vendor...

5.3CVSS5.4AI score0.0054EPSS
Exploits0
Rows per page
Query Builder