CVE-2023-0845 Consul Server Panic when Ingress and API Gateways Configured with Peering

Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5...

PT-2023-2223 · Hashicorp +2 · Hashicorp Consul +3

Name of the Vulnerable Software and Affected Versions: Consul versions prior to 1.14.5 Consul Enterprise versions prior to 1.14.5 Description: The issue is related to an authenticated user with service:write permissions triggering a workflow that causes the Consul server and client agents to cras...