LIN1021-6242 : Security Advisory - consul - CVE-2023-3518
Created: Aug 8, 2023
Updated: Aug 25, 2023
Resolved Date: Aug 25, 2023
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace
Description
HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1.
https://nvd.nist.gov/vuln/detail/CVE-2023-3518