GHSA-r9w6-rhh9-7v53

Опубликовано: 28 июл. 2021

Источник: github

Github: Прошло ревью

CVSS3: 5.3

Описание

Incorrect Authorization in HashiCorp Consul

HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3.

Ссылки

Пакеты

Наименование

github.com/hashicorp/consul

Затронутые версииВерсия исправления

>= 1.4.1, <= 1.6.2

1.6.3

EPSS

Процентиль: 56%

0.00332

Низкий

5.3 Medium

CVSS3

CVE ID

CVE-2020-7955

Дефекты

CWE-863

Связанные уязвимости

CVE-2020-7955

CVSS3: 5.3

ubuntu

около 6 лет назад

HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3.

CVE-2020-7955

CVSS3: 5.3

redhat

около 6 лет назад

HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3.

CVE-2020-7955

CVSS3: 5.3

nvd

около 6 лет назад

HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3.

CVE-2020-7955

CVSS3: 5.3

debian

около 6 лет назад

HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uni ...

EPSS

Процентиль: 56%

0.00332

Низкий

5.3 Medium

CVSS3

CVE ID

CVE-2020-7955

Дефекты

CWE-863