CVE-2019-8336
HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 is vulnerable to an access-restriction bypass, enabling a client to obtain the privileges of another arbitrary token in secondary datacenters due to a token with "" as its secret. Impact: privilege escalation. Remediation: upgrade to 1.4...