PT-2019-19855 · Hashicorp +1 · Hashicorp Consul +1

Name of the Vulnerable Software and Affected Versions: HashiCorp Consul version 1.4.3 Description: The issue arises from a lack of server hostname verification for agent-to-agent TLS communication in HashiCorp Consul. This occurs even when the verify server hostname setting is set to true, causin...

PT-2019-18973 · Hashicorp +1 · Hashicorp Consul +2

Name of the Vulnerable Software and Affected Versions: HashiCorp Consul and Consul Enterprise versions 1.4.0 through 1.4.2 Description: The issue allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters. This occurs...

PT-2018-15031 · Hashicorp +1 · Hashicorp Consul +1

Name of the Vulnerable Software and Affected Versions: HashiCorp Consul versions 0.5.1 through 1.4.0 Description: The issue arises from the improper documentation of the verify outgoing setting, allowing HashiCorp Consul to use cleartext agent-to-agent RPC communication. This affects versions 0.5...