HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster filtering's imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: HashiCorp

Published: 2022-11-15T23:25:30.161Z

Updated: 2024-08-03T01:20:58.854Z

Reserved: 2022-11-09T23:10:38.071Z

Link: CVE-2022-3920

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-11-16T00:15:09.747

Modified: 2024-11-21T07:20:32.077

Link: CVE-2022-3920

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-11-15T00:00:00Z

Links: CVE-2022-3920 - Bugzilla