consul is vulnerable to privilege escalation. The vulnerability exists due to the operators with operator:read
ACL permissions are able to read the Consul Connect CA configuration when explicitly configured with the /v1/connect/ca/configuration
endpoint including the private key, allowing a malicious user to effectively privilege escalate by enabling the ability to mint certificates for any Consul Connect services.