
3 matches found

IBM Security Bulletins
added 2025/11/07 1:1 p.m. | 6 views

Security Bulletin: Consul’s event endpoint is vulnerable to denial of service

Summary: Consul and Consul Enterprise’s “Consul” event endpoint is vulnerable to denial of service (DoS) due to lack of maximum value on the Content Length header.
Vulnerability Details: CVEID: CVE-2025-11375. DESCRIPTION: Consul and Consul Enterprise’s “Consul” event endpoint is vulnerable to denial ...

CVSS 6.5 | AI score 6.7 | EPSS 0.00402
Exploits: 0 | Affected Software: 1
Vulnrichment
added 2025/10/28 8:12 p.m. | 4 views

CVE-2025-11375 Consul's event endpoint is vulnerable to denial of service

Consul and Consul Enterprise’s “Consul” event endpoint is vulnerable to denial of service (DoS) due to lack of maximum value on the Content Length header. This vulnerability, CVE-2025-11375, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...

CVSS 6.5 | AI score 6.3 | EPSS 0.00402
Exploits: 0 | References: 1
BDU FSTEC
added 2024/11/19 12:0 a.m. | 4 views

The vulnerability of the Consul Community Edition and Consul Enterprise configuration tools lies in their failure to remove HTTP headers from script syntax, allowing attackers to gain access to confidential information.

The vulnerability of the Consul service configuration tool lies in the lack of measures taken to neutralize HTTP headers in script syntax. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to confidential information through a specially crafted HTTP reques...

CVSS 5.8 | AI score 7.2 | EPSS 0.00473
Exploits: 0 | References: 4 | Affected Software: 4