4 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-12291
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Keys not matching a specific ACL rule used for prefix matching in a policy can be deleted by ...
CVE-2019-12291
HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Keys not matching a specific ACL rule used for prefix matching in a policy can be deleted by a token using that policy even with default deny settings configured...
CVE-2019-12291
HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Keys not matching a specific ACL rule used for prefix matching in a policy can be deleted by a token using that policy even with default deny settings configured...
CVE-2019-12291
HashiCorp Consul 1.4.0–1.5.0 contains an Incorrect Access Control flaw where keys not matching a specific ACL rule used for prefix matching can be deleted by a token bound to that policy, even with default-deny settings. Root cause involves ACL enforcement for local tokens/policy scope, as descri...