Wind River Support Network

HomeDefectsLIN1019-7042
Acknowledged

LIN1019-7042 : Security Advisory - consul - CVE-2021-37219

Created: Aug 26, 2021    Updated: Oct 18, 2021
Found In Version: 10.19.45.1
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace

Description

HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.

https://nvd.nist.gov/vuln/detail/CVE-2021-37219
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube