Topics tagged security-consul

Topic	Replies	Views	Activity
HCSEC-2022-28 - Consul Cluster Peering Leaks Imported Nodes/Services Information Security security-consul	0	1295	November 15, 2022
HCSEC-2022-20 - Consul Service Mesh Intention Bypass with Malicious Certificate Signing Request Security security-consul	0	1868	September 21, 2022
HCSEC-2022-19 - Consul Auto-Config JWT Authorization Missing Input Validation Security security-consul	0	1604	September 21, 2022
HCSEC-2022-10 - Consul’s HTTP Health Check May Allow Server Side Request Forgery Security security-consul	0	3991	April 15, 2022
HCSEC-2022-07 - Consul’s Connect Service Mesh Affected By Recent Envoy Security Releases Security security-consul	0	1208	March 1, 2022
HCSEC-2022-05 - Consul Ingress Gateway Panic Can Shutdown Servers Security security-consul	0	2532	February 15, 2022
HCSEC-2021-34 - Vault, Consul, Boundary, and Waypoint Affected By Denial of Service in Golang’s net/http (CVE-2021-44716) Security security-consul , security-vault , security-boundary , security-waypoint	0	1603	December 22, 2021
HCSEC-2021-29 - Consul Enterprise Namespace Default ACLs Allow Privilege Escalation Security security-consul	0	3108	November 13, 2021
HCSEC-2021-24 - Consul Missing Authorization Check on Txn.Apply Endpoint Security security-consul	0	2834	September 1, 2021
HCSEC-2021-23 - Consul Exposed to Denial of Service in GoGo Protobuf Dependency Security security-consul	0	3544	September 1, 2021
HCSEC-2021-22 - Consul Raft RPC Privilege Escalation Security security-consul	0	4041	September 1, 2021
HCSEC-2021-17 - Consul’s Envoy TLS Configuration Did Not Validate Destination Service Subject Alternative Names Security security-consul	0	2591	July 15, 2021
HCSEC-2021-16 Consul’s Application-Aware Intentions Deny Action Fails Open When Combined With Default Deny Policy Security security-consul	0	2793	July 15, 2021
HCSEC-2021-12 - Codecov Security Event and HashiCorp GPG Key Exposure Security security-nomad , security-consul , security-vault , security-terraform	2	55181	May 4, 2021
HCSEC-2020-22 - Consul Operator Read ACL Enables Connect Service Masquerading Security security-consul	0	947	November 25, 2020
HCSEC-2021-08 - Consul Enterprise Audit Log Bypass for HTTP Events Security security-consul	0	2893	April 19, 2021
HCSEC-2021-07 - Consul API KV Endpoint Vulnerable to Cross-Site Scripting Security security-consul	0	3166	April 19, 2021
HCSEC-2020-19 - Consul Enterprise Namespace Config Entry Replication Denial of Service Security security-consul	0	912	November 25, 2020
HCSEC2020-14 - Consul DNS and HTTP Cache Abuse Denial of Service Security security-consul	0	906	November 25, 2020
HCSEC-2020-12 - Consul Local ACL Token Can Be Used in Remote Datacenters Security security-consul	0	898	November 25, 2020
HCSEC-2020-11 - Consul Legacy ACL Permission Changes Not Propagated to Secondary Datacenters Security security-consul	0	879	November 25, 2020
HCSEC-2020-10 - Consul Server Crash With Invalid Service-Router Config Entry Security security-consul	0	853	November 25, 2020
HCSEC-2020-04 - Consul's Health Check API Endpoints May Disclose Information Security security-consul	0	874	November 25, 2020
HCSEC-2020-02 - Consul’s HTTP/RPC Services Allow Unbounded Resource Usage, Susceptible to Unauthenticated Denial of Service Security security-consul	0	952	November 25, 2020