CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-1296 – Nomad ACLs Can Not Deny Access to Workload's Own Variables
https://notcve.org/view.php?id=CVE-2023-1296
14 Mar 2023 — HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s variables. Fixed in 1.4.6 and 1.5.1. • https://discuss.hashicorp.com/t/hcsec-2023-09-nomad-acls-can-not-deny-access-to-workloads-own-variables/51390 • CWE-682: Incorrect Calculation CWE-862: Missing Authorization •
CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-24999 – Vault Fails to Verify if the AppRole SecretID Belongs to Role During a Destroy Operation
https://notcve.org/view.php?id=CVE-2023-24999
10 Mar 2023 — HashiCorp Vault and Vault Enterprise’s approle auth method allowed any authenticated user with access to an approle destroy endpoint to destroy the secret ID of any other role by providing the secret ID accessor. This vulnerability is fixed in Vault 1.13.0, 1.12.4, 1.11.8, 1.10.11 and above. A flaw was found in the Hashicorp vault. When using the Vault and Vault Enterprise approle auth method, any authenticated user with access to the /auth/approle/role/:role_name/secret-id-accessor/destroy endpoint can des... • https://discuss.hashicorp.com/t/hcsec-2023-07-vault-fails-to-verify-if-approle-secretid-belongs-to-role-during-a-destroy-operation/51305 • CWE-863: Incorrect Authorization •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0845 – Consul Server Panic when Ingress and API Gateways Configured with Peering
https://notcve.org/view.php?id=CVE-2023-0845
09 Mar 2023 — Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5. Consul y Consul Enterprise permitieron que un usuario autenticado con servicio:permisos de escritura desencadenara un flujo de trabajo que provoca que el servidor de Consul y los agentes del cliente colapsen en determinadas circunstancias. Esta vulnerabilidad se solucion... • https://discuss.hashicorp.com/t/hcsec-2023-06-consul-server-panic-when-ingress-and-api-gateways-configured-with-peering-connections/51197 • CWE-476: NULL Pointer Dereference •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-0821 – Nomad Client Vulnerable to Decompression Bombs in Artifact Block
https://notcve.org/view.php?id=CVE-2023-0821
16 Feb 2023 — HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage. Fixed in 1.2.16, 1.3.9, and 1.4.4. • https://discuss.hashicorp.com/t/hcsec-2023-05-nomad-client-vulnerable-to-decompression-bombs-in-artifact-block/50292 • CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0475 – Go-Getter Vulnerable to Decompression Bombs
https://notcve.org/view.php?id=CVE-2023-0475
16 Feb 2023 — HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0. A flaw was found in the HashiCorp go-getter package. Affected versions of the HashiCorp go-getter package are vulnerable to a denial of service via a malicious compressed archive. The OpenShift Security Profiles Operator v0.7.0 is now available. • https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125 • CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0690 – Boundary Workers Store Rotated Credentials in Plaintext Even When a Key Management Service Configured
https://notcve.org/view.php?id=CVE-2023-0690
08 Feb 2023 — HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker’s disk. This issue is fixed in version 0.12.0. HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with... • https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907 • CWE-311: Missing Encryption of Sensitive Data CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-14802
https://notcve.org/view.php?id=CVE-2019-14802
26 Dec 2022 — HashiCorp Nomad 0.5.0 through 0.9.4 (fixed in 0.9.5) reveals unintended environment variables to the rendering task during template rendering, aka GHSA-6hv3-7c34-4hx8. This applies to nomad/client/allocrunner/taskrunner/template. HashiCorp Nomad 0.5.0 a 0.9.4 (corregido en 0.9.5) revela variables de entorno no deseadas en la tarea de renderizado durante el renderizado de la plantilla, también conocido como GHSA-6hv3-7c34-4hx8. Esto se aplica a nomad/client/allocrunner/taskrunner/template. • https://advisories.gitlab.com/advisory/advgo_github_com_hashicorp_nomad_client_allocrunner_taskrunner_template_GMS_2022_818.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3920 – Consul Peering Imported Nodes/Services Leak
https://notcve.org/view.php?id=CVE-2022-3920
15 Nov 2022 — HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster filtering's imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0. HashiCorp Consul y Consul Enterprise 1.13.0 hasta 1.13.3 no filtran los nodos y servicios importados del filtrado de clústeres para los endpoints HTTP o RPC utilizados por la interfaz de usuario. Se corrigió en la versión 1.14.0. • https://discuss.hashicorp.com/t/hcsec-2022-28-consul-cluster-peering-leaks-imported-nodes-services-information/46946 • CWE-862: Missing Authorization •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-3867 – Nomad Event Stream Subscriber Using a Token with TTL Receives Updates Until Garbage Collected
https://notcve.org/view.php?id=CVE-2022-3867
10 Nov 2022 — HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 event stream subscribers using a token with TTL receive updates until token garbage is collected. Fixed in 1.4.2. Los suscriptores de flujo de eventos de HashiCorp Nomad y Nomad Enterprise 1.4.0 hasta 1.4.1 que usan un token con TTL reciben actualizaciones hasta que se recolecta la basura del token. Corregido en 1.4.2. • https://discuss.hashicorp.com/t/hcsec-2022-26-nomad-s-event-stream-subscriber-using-acl-token-with-ttl-receive-updates-until-garbage-collected/46168 • CWE-613: Insufficient Session Expiration •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-3866 – Nomad Workload Identity Token Can List Non-sensitive Metadata for Paths Under nomad/
https://notcve.org/view.php?id=CVE-2022-3866
10 Nov 2022 — HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Fixed in 1.4.2. El token de identidad de carga de trabajo de HashiCorp Nomad y Nomad Enterprise 1.4.0 hasta 1.4.1 puede enumerar metadatos no confidenciales para rutas en nomad/ que pertenecen a otros trabajos en el mismo espacio de nombres. Corregido en 1.4.2. • https://discuss.hashicorp.com/t/hcsec-2022-25-nomad-s-workload-identity-token-can-list-non-sensitive-metadata-for-nomad-paths/46167 • CWE-668: Exposure of Resource to Wrong Sphere •