3 matches found
CVE-2019-9764
HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In other words, the product behaves as if verifyserverhostname were set to false, even when it is actually set to true. This is fixed in 1.4.4...
CVE-2019-9764 vulnerabilities
Vulnerabilities for packages: k3d...
CVE-2019-9764
CVE-2019-9764 affects HashiCorp Consul 1.4.3, where agent-to-agent TLS does not verify server hostname, making it behave as if verify_server_hostname were false. This can impact confidentiality and integrity (per CVSS metadata). The issue is fixed in 1.4.4; remediation is to upgrade to 1.4.4 or l...