Lucene search
K
HashicorpRecent

189 matches found

HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/05/20 7:29 p.m.5 views

Vault Renewed Nearly-Expired Leases With Incorrect Non-Expiring TTLs

Summary Vault and Vault Enterprise “Vault” allowed the renewal of nearly-expired token leases and dynamic secret leases specifically, those within 1 second of their maximum TTL, which caused them to be incorrectly treated as non-expiring during subsequent use. This vulnerability, CVE-2021-32923,...

7.4CVSS6.9AI score0.01376EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/05/12 10:29 p.m.7 views

Nomad Bridge Networking Mode Allows ARP Spoofing From Other Bridged Tasks On Same Node

Summary A vulnerability was identified in Nomad and Nomad Enterprise “Nomad” such that Nomad’s bridge networking mode allows ARP spoofing from other bridged tasks on the same node. This vulnerability, CVE-2021-32575, affects all Nomad versions up to 1.0.4, and is fixed in the 0.12.12, 1.0.5 and...

6.5CVSS6.7AI score0.00512EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/05/06 11:59 p.m.5 views

Vault GitHub Action Did Not Correctly Mask Multi-Line Secrets In Output

Summary The Vault GitHub Action, vault-action or vault-secrets “vault-action”, did not correctly mask multi-line secrets in its output. This vulnerability, CVE-2021-32074, was fixed in vault-action 2.2.0. Background The Vault GitHub Action, vault-action...

7.5CVSS7AI score0.0188EPSS
Exploits1Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/04/21 8:35 p.m.7 views

Terraform’s Vault Provider Did Not Correctly Configure Bound Labels for GCP Auth

Summary Terraform’s Vault Provider terraform-provider-vault did not correctly configure GCE-type bound labels for Vault’s GCP auth method. This vulnerability, CVE-2021-30476, was fixed in terraform-provider-vault 2.19.1. Background Terraform’s Vault Provider...

9.8CVSS7AI score0.01597EPSS
Exploits1Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/04/21 8:32 p.m.4 views

Vault’s Cassandra Integrations Did Not Validate TLS Certificates

Summary Vault and Vault Enterprise “Vault” Cassandra integrations, a Vault storage backend and database secrets engine plugin, did not validate TLS certificates when connecting to Cassandra clusters. This vulnerability, CVE-2021-27400, was fixed in Vault and Vault Enterprise 1.6.4 and 1.7.1...

7.5CVSS7AI score0.00568EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/04/21 8:29 p.m.5 views

Vault’s PKI Engine CRL May Exclude Revoked But Unexpired Certificates After Tidy

Summary Vault and Vault Enterprise “Vault” PKI Secrets Engine tidy functionality may cause Vault to exclude revoked-but-unexpired certificates from the Vault CRL. This vulnerability, CVE-2021-29653, was fixed in Vault and Vault Enterprise 1.5.8, 1.6.4, and 1.7.1. Background The Vault PKI Secrets...

7.5CVSS7AI score0.00552EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/04/19 10:44 p.m.6 views

Consul Enterprise Audit Log Bypass for HTTP Events

Summary A vulnerability was identified in Consul Enterprise such that a specially crafted HTTP request can be used to bypass the audit log for HTTP events. This vulnerability, CVE-2021-28156, affects Consul Enterprise versions 1.8.0 up to 1.9.4, and is fixed in the 1.9.5 and 1.8.10 releases...

7.5CVSS6.9AI score0.02273EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/04/19 10:40 p.m.6 views

Consul API KV Endpoint Vulnerable to Cross-Site Scripting

Summary A vulnerability was identified in Consul and Consul Enterprise “Consul” such that a specially crafted key-value entry could be used to perform a cross-site scripting XSS attack when viewed in Consul KV API’s raw mode. This vulnerability, CVE-2020-25864, affects all Consul versions up to...

6.1CVSS6.5AI score0.06095EPSS
Exploits0Affected Software2
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/03/23 7:59 p.m.5 views

Terraform Enterprise Organization-Level MFA Requirement Was Not Enforced

Summary Terraform Enterprise did not enforce the organization-level setting to require all users within an organization to enable two-factor authentication. This vulnerability, CVE-2021-3153, was fixed in Terraform Enterprise v202103-1. Background Terraform Enterprise organizations are a shared...

6.5CVSS6.6AI score0.00653EPSS
Exploits0
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/02/26 12:50 a.m.6 views

Vault Enterprise’s DR Secondaries Exposed License Metadata Without Authentication

Summary Vault Enterprise’s /sys/license endpoint allowed the read of license metadata from Vault DR secondaries without authentication. This vulnerability, CVE-2021-27668, was fixed in Vault Enterprise 1.6.3. Background Vault Enterprise nodes expose the /sys/license API endpoint for access to and...

5.3CVSS6.2AI score0.01043EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/01/29 10:33 p.m.6 views

Vault Enterprise’s DR Secondaries Allowed Raft Peer Removal Without Authentication

Summary Vault Enterprise 1.6.0 and 1.6.1 allowed the remove-peer raft operator command to be executed against DR secondaries without authentication. This vulnerability, CVE-2021-3282, was fixed in Vault Enterprise 1.6.2. Background Vault Enterprise clusters configured with integrated storage also...

7.5CVSS7AI score0.01299EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/01/29 10:27 p.m.6 views

Vault API Endpoint Allowed Enumeration of Secrets Engine Mount Paths Without Authentication

Summary Vault and Vault Enterprise “Vault” allowed the enumeration of Secrets Engine mount paths via unauthenticated HTTP requests. This vulnerability, CVE-2020-25594, was fixed in Vault 1.6.2 & 1.5.7. Background Vault operators are able to mount Secrets Engines at customizable paths. Secrets...

5.3CVSS6.2AI score0.01355EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/01/29 10:16 p.m.6 views

Vault API Endpoint Exposed Internal IP Address Without Authentication

Summary Vault and Vault Enterprise “Vault” would disclose the internal IP address of the Vault node when responding to some invalid, unauthenticated HTTP requests. This vulnerability, CVE-2021-3024, was fixed in Vault 1.6.2 & 1.5.7. Background Vault’s API is the primary means by which a Vault nod...

5.3CVSS6.2AI score0.01355EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/01/29 9:54 p.m.9 views

Nomad’s Exec and Java Task Drivers Did Not Isolate Processes

Summary Nomad and Nomad Enterprise “Nomad” exec and java task drivers may allow a malicious task to access information regarding processes associated with other tasks on the same node. This vulnerability, CVE-2021-3283, affects all prior Nomad versions and is fixed in the 0.12.10 and 1.0.3...

7.5CVSS6.9AI score0.01453EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/12/16 11:9 p.m.6 views

Vault’s LDAP Auth Method Allows User Enumeration

Summary Vault and Vault Enterprise “Vault” allowed enumeration of users via the LDAP auth method. This vulnerability, CVE-2020-35177, was introduced in Vault 1.4.1 and fixed in Vault 1.6.1 and 1.5.6. Background The Vault LDAP auth method documented at LDAP - Auth Methods | Vault by HashiCorp allo...

5.3CVSS6.2AI score0.01289EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/12/16 11:3 p.m.9 views

Vault Enterprise’s Sentinel EGP Policies May Impact Parent or Sibling Namespaces

Summary Vault Enterprise Sentinel EGP policies should be constrained to the namespace in which they’re applied, or to children namespaces. Incorrect parsing of the supplied path, when configuring EGP policies, allowed them to process requests in parent and sibling namespaces. This vulnerability,...

5.3CVSS6.2AI score0.00809EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 8:44 p.m.5 views

Nomad File Sandbox Escape via Container Volume Mount

Summary A vulnerability, CVE-2020-28348, was discovered in Nomad and Nomad Enterprise “Nomad” such that an operator with job submission capabilities can mount the host file system of a client agent and subvert the default Docker file sandbox feature when not explicitly disabled or when using a...

6.5CVSS6.6AI score0.01631EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 8:43 p.m.6 views

Consul Operator Read ACL Enables Connect Service Masquerading

Summary A vulnerability, CVE-2020-28053, was identified in Consul and Consul Enterprise “Consul” such that operators with operator:read ACL permissions were able to read the Consul Connect CA configuration including the private key. Background Consul Connect utilizes mutual TLS to establish servi...

6.5CVSS6.8AI score0.01379EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 8:42 p.m.4 views

Nomad File Sandbox Escape via Template and Artifact Stanzas

Summary A vulnerability was identified in Nomad and Nomad Enterprise “Nomad” such that a specially crafted Nomad jobspec can be used to escape the client file sandbox configuration. This vulnerability, CVE-2020-27195, affects version 0.9.0 up to 0.12.5, and is fixed in the 0.12.6, 0.11.5, and...

9.1CVSS7AI score0.01473EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 8:40 p.m.6 views

Vault Leases Created with Batch Tokens have Invalid Expiration

Summary HashiCorp Vault and Vault Enterprise versions 1.0 and newer allowed leases created with a batch token to outlive their TTL because expiration time was not scheduled correctly. This vulnerability, CVE-2020-25816, was fixed in 1.4.7 and 1.5.4. Background Vault allows the issuance of batch...

6.8CVSS6.7AI score0.01012EPSS
Exploits0Affected Software2
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 8:31 p.m.6 views

Consul Enterprise Namespace Config Entry Replication Denial of Service

Summary Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause infinite Raft writes. This vulnerability, CVE-2020-25201, was fixed in 1.7.9 and 1.8.5. Background Consul Enterprise namespaces enable organizational multi-tenancy so that...

7.5CVSS6.9AI score0.02579EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 8:26 p.m.6 views

Vault SSH Helper Validated IP Addresses Incorrectly

Summary vault-ssh-helper up to and including version 0.1.6 incorrectly accepted Vault-issued SSH OTPs for the subnet in which a host’s network interface was located, rather than the specific IP address assigned to that interface. Assigned CVE-2020-24359 and fixed in 0.1.7. Background...

7.5CVSS6.9AI score0.01036EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 8:18 p.m.5 views

Vault’s GCP Auth Method Allows Authentication Bypass

Summary A vulnerability was identified in Vault and Vault Enterprise “Vault” such that, with the GCP Auth Method configured and under certain circumstances, the values relied upon by Vault to validate Google Compute Engine GCE VMs may be manipulated and authentication bypassed. This vulnerability...

8.2CVSS7AI score0.02963EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 8:16 p.m.6 views

Vault’s AWS Auth Method Allows Authentication Bypass

Summary A vulnerability was identified in Vault and Vault Enterprise “Vault” such that, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM identities and roles may be manipulated and authentication bypassed. This vulnerability,...

8.2CVSS7AI score0.01461EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 8:15 p.m.5 views

Terraform Enterprise Allowed Local Account Creation Bypassing SSO

Summary HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. This vulnerability, CVE-2020-15511, was fixed in v202007-1. Background Terraform Enterprise allowed single sign-on to be enabled vi...

5.3CVSS6.1AI score0.00852EPSS
Exploits0
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 8:8 p.m.7 views

Consul DNS and HTTP Cache Abuse Denial of Service

Summary Consul and Consul Enterprise include an HTTP API introduced in 1.2.0 and DNS introduced in 1.4.3 caching feature that was vulnerable to denial of service. This vulnerability, CVE-2020-13250, was fixed in Consul 1.6.6 and 1.7.4. Background Consul 1.2.0 introduced an agent cache to ease...

7.5CVSS6.9AI score0.02851EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 7:57 p.m.5 views

Vault Proxy Environment Variable Was Logged to STDOUT

Summary Vault and Vault Enterprise “Vault” logged proxy environment variables that potentially included sensitive credentials. This vulnerability, CVE-2020-13223, was fixed in Vault 1.3.6 and 1.4.2. Background Vault respects the HTTPPROXY and HTTPSPROXY environment variables. Details When HTTPPRO...

7.5CVSS7AI score0.01233EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 7:48 p.m.7 views

Consul Local ACL Token Can Be Used in Remote Datacenters

Summary Consul and Consul Enterprise “Consul” did not appropriately enforce scope for local tokens issued by a primary data center, where replication to a secondary data center was not enabled. This vulnerability, CVE-2020-13170, was introduced in Consul 1.4.0 and fixed in 1.6.6 and 1.7.4...

7.5CVSS7AI score0.01725EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 7:40 p.m.7 views

Consul Legacy ACL Permission Changes Not Propagated to Secondary Datacenters

Summary Consul and Consul Enterprise “Consul” failed to enforce changes to legacy ACL token rules due to non-propagation to secondary datacenters. This vulnerability, CVE-2020-12797, was introduced in Consul 1.4.0 and fixed in 1.6.6 and 1.7.4. Background Consul supports the replication of ACLs...

5.3CVSS6.7AI score0.01552EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 7:29 p.m.6 views

Consul Server Crash With Invalid Service-Router Config Entry

Summary HashiCorp Consul and Consul Enterprise “Consul” could crash when configured with an abnormally-formed service-router entry. This vulnerability, CVE-2020-12758, was introduced in Consul 1.6.0 and fixed in 1.6.6 and 1.7.4. Background Consul allows the definition of service-router...

7.5CVSS6.9AI score0.01709EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 7:19 p.m.7 views

Vault's GCP Secrets Engine Service Account Keys Not Enforcing Configured TTL

Summary Vault and Vault Enterprise versions 1.3.5/1.4.0 through 1.4.2, configured with the GCP Secrets Engine may, under certain circumstances, incorrectly generate GCP Credentials with the default time-to-live lease duration, instead of the engine configured setting. This may lead to generated G...

9.8CVSS7AI score0.01522EPSS
Exploits0Affected Software2
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 7:10 p.m.6 views

Nomad's Raw File View Vulnerable to Cross-Site Scripting

Summary A vulnerability was identified in Nomad and Nomad Enterprise “Nomad” such that files from a malicious workload could cause arbitrary JavaScript to execute in the web UI. This vulnerability, CVE-2020-10944, affects all Nomad versions since 0.3 and is fixed in the 0.10.5 release. Background...

5.4CVSS6.4AI score0.0067EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 7:7 p.m.6 views

Vault Enterprise Prefixed Mount Policies May Result In Unauthorized Namespace Access

Summary A vulnerability was identified in Vault Enterprise such that, under certain circumstances, existing nested-path policies may give access to Namespaces created after-the-fact. This vulnerability, CVE-2020-10661, affects Vault Enterprise versions 0.11 and newer and is fixed in 1.3.4...

9.1CVSS7AI score0.01116EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 7:1 p.m.6 views

Vault Auth Groups Not Removed In Certain Circumstances

Summary A vulnerability was identified in Vault and Vault Enterprise “Vault” such that, under certain circumstances, an Entity’s Group membership may inadvertently include external Groups the Entity no longer has permissions to. This vulnerability, CVE-2020-10660, affects Vault and Vault Enterpri...

5.3CVSS6.2AI score0.00763EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 6:55 p.m.7 views

Nomad's mTLS Authorization Mechanism Susceptible to Privilege Escalation

Summary Nomad and Nomad Enterprise “Nomad” up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to privilege escalation. Assigned CVE-2020-7956, this vulnerability was fixed in Nomad 0.10.3. Background Securing Nomad’s cluster...

9.8CVSS7AI score0.00983EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 6:42 p.m.7 views

Consul's Health Check API Endpoints May Disclose Information

Summary Consul and Consul Enterprise “Consul” did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. This vulnerability affected Consul versions 1.4.1 through 1.6.2 and was assigned CVE-2020-7955. Background Consul uses Access Control...

5.3CVSS6.7AI score0.01412EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 6:33 p.m.7 views

Vault Enterprise’s Dynamic Secrets May Persist After Namespace Deletion

Summary A vulnerability was identified in Vault Enterprise such that when deleting a namespace, in certain circumstances, the deletion process will fail to revoke dynamic secrets for a mount in that namespace. This vulnerability, CVE-2020-7220, affects Vault Enterprise 0.11.0 and newer and is fix...

7.5CVSS7AI score0.01422EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 6:25 p.m.6 views

Consul’s HTTP/RPC Services Allow Unbounded Resource Usage, Susceptible to Unauthenticated Denial of Service

Summary A vulnerability was identified in Consul and Consul Enterprise “Consul” such that unbounded resource usage, triggered by the establishment of many unauthenticated HTTP or RPC connections, may generate excessive load and/or crash the server. This vulnerability, CVE-2020-7219, affects all...

7.5CVSS6.8AI score0.0201EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2020/11/25 6:20 p.m.6 views

Nomad’s HTTP/RPC Services Allow Unbounded Resource Usage, Susceptible to Unauthenticated Denial of Service

Summary A vulnerability was identified in Nomad and Nomad Enterprise “Nomad” such that unbounded resource usage, triggered by the establishment of many unauthenticated HTTP or RPC connections, may generate excessive load and/or crash the server. This vulnerability, CVE-2020-7218, affects all...

7.5CVSS7AI score0.01466EPSS
Exploits0Affected Software1
Total number of security vulnerabilities189