// For flags

CVE-2024-7625

Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking

Severity Score

5.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.16.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability, CVE-2024-7625, is fixed in Nomad 1.6.14, 1.7.11, and 1.8.3. Access or compromise of the Nomad client agent at the source allocation first is a prerequisite for leveraging this vulnerability.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
High
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-08-08 CVE Reserved
  • 2024-08-14 CVE Published
  • 2024-08-15 CVE Updated
  • 2024-08-15 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-610: Externally Controlled Reference to a Resource in Another Sphere
CAPEC
  • CAPEC-130: Excessive Allocation
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
HashiCorp
Search vendor "HashiCorp"
 Nomad
Search vendor "HashiCorp" for product "Nomad"
 >= 0.6.1 < 1.8.3
Search vendor "HashiCorp" for product "Nomad" and version " >= 0.6.1 < 1.8.3"
en
Affected
HashiCorp
Search vendor "HashiCorp"
 Nomad Enterprise
Search vendor "HashiCorp" for product "Nomad Enterprise"
 >= 0.6.1 < 1.8.3
Search vendor "HashiCorp" for product "Nomad Enterprise" and version " >= 0.6.1 < 1.8.3"
en
Affected