Описание
HashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to non-propagation to secondary data centers. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| consul | fixed | 1.7.4+dfsg1-1 | package | |
| consul | not-affected | buster | package |
Примечания
https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
https://github.com/hashicorp/consul/pull/8047
EPSS
Процентиль: 61%
0.00407
Низкий
Связанные уязвимости
CVSS3: 5.3
ubuntu
больше 5 лет назад
HashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to non-propagation to secondary data centers. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.
CVSS3: 5.3
nvd
больше 5 лет назад
HashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to non-propagation to secondary data centers. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.
CVSS3: 5.3
github
больше 4 лет назад
Incorrect Permission Assignment for Critical Resource in Hashicorp Consul
EPSS
Процентиль: 61%
0.00407
Низкий