Hashicorp Consul 1.12.0 Enterprise Edition

CPE Details

Hashicorp Consul 1.12.0 Enterprise Edition
hashicorp
consul
1.12.0
2022-09-26
13h42 +00:00
2022-09-28
17h52 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:hashicorp:consul:1.12.0:*:*:*:enterprise:*:*:*

Informations

Vendor

hashicorp

Product

consul

Version

1.12.0

Software Edition

enterprise

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-10086 2024-10-30 21h21 +00:00 A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.
6.1
Moyen
CVE-2024-10006 2024-10-30 21h20 +00:00 A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.
8.3
Haute
CVE-2024-10005 2024-10-30 21h19 +00:00 A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.
8.1
Haute
CVE-2022-40716 2022-09-22 22h00 +00:00 HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2."
6.5
Moyen