HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as root.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-02-17T16:36:37

Updated: 2024-08-03T04:20:50.373Z

Reserved: 2022-02-09T00:00:00

Link: CVE-2022-24683

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-02-17T17:15:09.567

Modified: 2024-11-21T06:50:52.120

Link: CVE-2022-24683

cve-icon Redhat

No data.