Wind River Support Network

HomeDefectsLIN1019-8841
Fixed

LIN1019-8841 : Security Advisory - consul - CVE-2022-40716

Created: Sep 21, 2022    Updated: Jul 28, 2023
Resolved Date: Jul 28, 2023
Found In Version: 10.19.45.1
Fix Version: 10.19.45.29
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace

Description

HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2.

https://nvd.nist.gov/vuln/detail/CVE-2022-40716

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube