Описание
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.
Уязвимые конфигурации
Одно из
EPSS
8.3 High
CVSS3
5.8 Medium
CVSS3
Дефекты
Связанные уязвимости
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.
A vulnerability was identified in Consul and Consul Enterprise (\u201c ...
Hashicorp Consul Improper Neutralization of HTTP Headers for Scripting Syntax vulnerability
Уязвимость инструмента настройки сервисов Consul Community Edition и Consul Enterprise, связанная с непринятием мер по нейтрализации заголовков HTTP для синтаксиса сценариев, позволяющая нарушителю получить достпу к конфиденциальной информации
EPSS
8.3 High
CVSS3
5.8 Medium
CVSS3