2 matches found
Consul Operator Read ACL Enables Connect Service Masquerading
Summary A vulnerability, CVE-2020-28053, was identified in Consul and Consul Enterprise “Consul” such that operators with operator:read ACL permissions were able to read the Consul Connect CA configuration including the private key. Background Consul Connect utilizes mutual TLS to establish servi...
CVE-2020-28053
creationtimestamp| type| source ---|---|--- 2020-11-23 16:45:43+00:00| seen| https://t.me/cibsecurity/16691...