Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:57 a.m.18 views

CVE-2023-3518

HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1...

7.4CVSS7.4AI score0.0038EPSS
Exploits0
OSV
OSV
added 2023/08/09 6:30 p.m.16 views

GHSA-9RHF-Q362-77MX Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers

A vulnerability was identified in Consul such that using JWT authentication for service mesh incorrectly allows/denies access regardless of service identities. This vulnerability, CVE-2023-3518, affects Consul 1.16.0 and was fixed in 1.16.1...

7.4CVSS7.2AI score0.0038EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/08/09 6:30 p.m.31 views

Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers

A vulnerability was identified in Consul such that using JWT authentication for service mesh incorrectly allows/denies access regardless of service identities. This vulnerability, CVE-2023-3518, affects Consul 1.16.0 and was fixed in 1.16.1...

7.4CVSS7.4AI score0.0038EPSS
Exploits0References3Affected Software1
Wolfi
Wolfi
added 2023/08/09 4:15 p.m.35 views

CVE-2023-3518 vulnerabilities

Vulnerabilities for packages: consul...

7.4CVSS7.4AI score0.0038EPSS
Exploits0
Cvelist
Cvelist
added 2023/08/09 3:6 p.m.31 views

CVE-2023-3518 JWT Auth in L7 Intentions Allow For Mismatched Service Identity and JWT Providers for Access

HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1...

7.4CVSS7.6AI score0.0038EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/09 3:6 p.m.18 views

CVE-2023-3518 JWT Auth in L7 Intentions Allow For Mismatched Service Identity and JWT Providers for Access

HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1...

7.4CVSS7.2AI score0.0038EPSS
Exploits0References1
CVE
CVE
added 2023/08/09 3:6 p.m.2857 views

CVE-2023-3518

HashiCorp Consul and Consul Enterprise 1.16.0 had a vulnerability in JWT-based service-mesh authentication that allowed or denied access independent of service identities. The issue is fixed in version 1.16.1. No exploitation details are provided in the connected documents. Affected product/versi...

7.4CVSS7.1AI score0.0038EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder