12 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-2816
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy...
CVE-2023-2816
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
GLSA-202412-14 : HashiCorp Consul: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202412-14 HashiCorp Consul: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in HashiCorp Consul. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding descriptio...
CVE-2023-2816 affecting package telegraf for versions less than 1.29.4-1
CVE-2023-2816 affecting package telegraf for versions less than 1.29.4-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-2816 affecting package telegraf for versions less than 1.28.5-1
CVE-2023-2816 affecting package telegraf for versions less than 1.28.5-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-2816
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
AZL-27396 CVE-2023-2816 affecting package telegraf for versions less than 1.28.5-1
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
CVE-2023-2816
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
CVE-2023-2816
CVE-2023-2816 affects HashiCorp Consul/Consul Enterprise: any user with service:write can use Envoy extensions configured via service-defaults to patch remote proxy instances targeting a service, regardless of permissions on that service. This implies potential unauthorized proxy modification wit...
CVE-2023-2816 Consul Envoy Extension Downsteam Proxy Configuration By Upstream Service Owner
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
CVE-2023-2816 Consul Envoy Extension Downsteam Proxy Configuration By Upstream Service Owner
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
CVE-2023-2816 Consul Envoy Extension Downsteam Proxy Configuration By Upstream Service Owner
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...