13 matches found
EUVD-2023-1879
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-2816
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy...
CVE-2023-2816
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
CBL Mariner 2.0 Security Update: telegraf (CVE-2023-2816)
The version of telegraf installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2816 advisory. - Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions...
BIT-CONSUL-2023-2816 Consul Envoy Extension Downsteam Proxy Configuration By Upstream Service Owner
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
GHSA-RQJQ-WW83-WV5C Hashicorp Consul allows user with service:write permissions to patch remote proxy instances
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
Hashicorp Consul allows user with service:write permissions to patch remote proxy instances
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
CVE-2023-2816
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
AZL-35303 CVE-2023-2816 affecting package telegraf for versions less than 1.29.4-1
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
AZL-27396 CVE-2023-2816 affecting package telegraf for versions less than 1.28.5-1
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
UBUNTU-CVE-2023-2816
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
CVE-2023-2816
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
PT-2023-21601 · Hashicorp · Hashicorp Consul +1
Name of the Vulnerable Software and Affected Versions: Consul and Consul Enterprise affected versions not specified Description: The issue allows any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the...