8 matches found
GHSA-RQM8-Q8J9-662F Nomad Job Submitter Privilege Escalation Using Workload Identity
Summary A vulnerability was identified in Nomad and Nomad Enterprise “Nomad” such that a user with the submit-job ACL capability can submit a job that can escalate to management-level privileges. This vulnerability, CVE-2023-1299, was introduced in Nomad 1.5.0 and fixed in Nomad 1.5.1. Background...
CVE-2023-1299
HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...
CVE-2023-1299
HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...
CVE-2023-1299 Nomad Job Submitter Privilege Escalation Using Workload Identity
HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...
CVE-2023-1299 Nomad Job Submitter Privilege Escalation Using Workload Identity
HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...
CVE-2023-1299
CVE-2023-1299 affects HashiCorp Nomad and Nomad Enterprise 1.5.0, where a job submitter can escalate to management-level privileges via the workload identity and task API. Root cause (as described in related advisories): the workload identity token can be exposed to the workload through a unix do...
CVE-2023-1299
HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...
CVE-2023-1299
Removed by vendor...