Lucene search
K

8 matches found

OSV
OSV
added 2023/03/14 3:30 p.m.29 views

GHSA-RQM8-Q8J9-662F Nomad Job Submitter Privilege Escalation Using Workload Identity

Summary A vulnerability was identified in Nomad and Nomad Enterprise “Nomad” such that a user with the submit-job ACL capability can submit a job that can escalate to management-level privileges. This vulnerability, CVE-2023-1299, was introduced in Nomad 1.5.0 and fixed in Nomad 1.5.1. Background...

8.8CVSS8AI score0.00532EPSS
Exploits0References3
OSV
OSV
added 2023/03/14 3:15 p.m.18 views

CVE-2023-1299

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

8.8CVSS9AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/03/14 3:15 p.m.25 views

CVE-2023-1299

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

8.8CVSS7.2AI score0.00532EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/14 2:46 p.m.16 views

CVE-2023-1299 Nomad Job Submitter Privilege Escalation Using Workload Identity

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

7.4CVSS9AI score0.00532EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/14 2:46 p.m.10 views

CVE-2023-1299 Nomad Job Submitter Privilege Escalation Using Workload Identity

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

7.4CVSS8.8AI score0.00532EPSS
Exploits0References1
CVE
CVE
added 2023/03/14 2:46 p.m.97 views

CVE-2023-1299

CVE-2023-1299 affects HashiCorp Nomad and Nomad Enterprise 1.5.0, where a job submitter can escalate to management-level privileges via the workload identity and task API. Root cause (as described in related advisories): the workload identity token can be exposed to the workload through a unix do...

8.8CVSS8AI score0.00532EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2023/03/14 2:46 p.m.47 views

CVE-2023-1299

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

8.8CVSS8.1AI score0.00532EPSS
Exploits0
Debian CVE
Debian CVE
added 2023/03/14 2:46 p.m.25 views

CVE-2023-1299

Removed by vendor...

8.8CVSS8.7AI score0.00532EPSS
Exploits0
Rows per page
Query Builder