NotCVE - vendor:"Hashicorp" product:"Consul" version:"

Page 3 of 22 results (0.009 seconds)

CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2019-8336

https://notcve.org/view.php?id=CVE-2019-8336

05 Mar 2019 — HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters, because a token with literally "" as its secret is used in unusual circumstances. HashiCorp Consul (y Consul Enterprise), en versiones 1.4.x anteriores a la 1.4.3, permite que un cliente omita las restricciones de acceso planeadas y obtenga los privilegios de otro token arbitrario con centros de datos s... • https://github.com/hashicorp/consul/issues/5423 •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-19653

https://notcve.org/view.php?id=CVE-2018-19653

09 Dec 2018 — HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the verify_outgoing setting is improperly documented. NOTE: the vendor has provided reconfiguration steps that do not require a software upgrade. HashiCorp Consul, de la versión 0.5.1 a la 1.4.0, puede emplear comunicaciones RPC de agente a agente en texto claro debido a que la opción verify_outgoing setting está mal documentada. NOTA: el fabricante ha proporcionado instrucciones de reconfiguración que no requier... • https://github.com/hashicorp/consul/pull/5069 • CWE-310: Cryptographic Issues •

1 2 3