HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-04-19T00:00:00

Updated: 2024-08-03T06:10:59.268Z

Reserved: 2022-04-13T00:00:00

Link: CVE-2022-29153

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-04-19T16:17:10.493

Modified: 2024-11-21T06:58:35.740

Link: CVE-2022-29153

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-04-19T00:00:00Z

Links: CVE-2022-29153 - Bugzilla