Hashicorp Consul 1.14.0 Enterprise Edition

CPE Details

Hashicorp Consul 1.14.0 Enterprise Edition
1.14.0
2023-06-12 12:17 +00:00
2023-07-21 20:07 +00:00

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:a:hashicorp:consul:1.14.0:*:*:*:enterprise:*:*:*

Informations

Vendor

hashicorp

Product

consul

Version

1.14.0

Software Edition

enterprise

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-10086 2024-10-30 21:21 +00:00 A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.
6.1
MEDIUM
CVE-2024-10006 2024-10-30 21:20 +00:00 A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.
8.3
HIGH
CVE-2024-10005 2024-10-30 21:19 +00:00 A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.
8.1
HIGH
CVE-2023-1297 2023-06-02 22:48 +00:00 Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5, and 1.15.3
7.5
HIGH