HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-09-07T11:33:26
Updated: 2024-08-04T01:16:03.813Z
Reserved: 2021-07-21T00:00:00
Link: CVE-2021-37219
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-09-07T12:15:07.727
Modified: 2024-11-21T06:14:53.253
Link: CVE-2021-37219
Redhat