Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-3787

Malicious code in bioql PyPI...

8.1CVSS8AI score0.01251EPSS
Exploits0References5
OSV
OSV
added 2022/05/13 1:22 a.m.33 views

GHSA-FHM8-CXCV-PWVC HashiCorp Consul Access Restriction Bypass

HashiCorp Consul and Consul Enterprise 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters, because a token with literally "" as its secret is used in unusual circumstances...

8.1CVSS8AI score0.01251EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/13 1:22 a.m.24 views

HashiCorp Consul Access Restriction Bypass

HashiCorp Consul and Consul Enterprise 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters, because a token with literally "" as its secret is used in unusual circumstances...

8.1CVSS7AI score0.01251EPSS
Exploits0References5Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 7:40 p.m.7 views

Consul Legacy ACL Permission Changes Not Propagated to Secondary Datacenters

Summary Consul and Consul Enterprise “Consul” failed to enforce changes to legacy ACL token rules due to non-propagation to secondary datacenters. This vulnerability, CVE-2020-12797, was introduced in Consul 1.4.0 and fixed in 1.6.6 and 1.7.4. Background Consul supports the replication of ACLs...

5.3CVSS6.7AI score0.01552EPSS
Exploits0Affected Software1
Veracode
Veracode
added 2019/03/06 5:12 a.m.15 views

Privilege Escalation

github.com/hashicorp/consul is vulnerable to privilege escalation. In an unusual circumstance, a client is able to bypass access restrictions to obtain higher privileges within secondary datacenters using a secret token...

8.1CVSS7.9AI score0.01251EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2019/03/05 11:29 p.m.18 views

CVE-2019-8336

HashiCorp Consul and Consul Enterprise 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters, because a token with literally "" as its secret is used in unusual circumstances...

8.1CVSS7.2AI score0.01251EPSS
Exploits0References2
Prion
Prion
added 2019/03/05 11:29 p.m.11 views

Security feature bypass

HashiCorp Consul and Consul Enterprise 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters, because a token with literally "" as its secret is used in unusual circumstances...

6.8CVSS8AI score0.01251EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2019/03/05 12:0 a.m.6 views

PT-2019-18973 · Hashicorp +1 · Hashicorp Consul +2

Name of the Vulnerable Software and Affected Versions: HashiCorp Consul and Consul Enterprise versions 1.4.0 through 1.4.2 Description: The issue allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters. This occurs...

8.1CVSS6.6AI score0.01251EPSS
Exploits0References14
Rows per page
Query Builder