CVE-2019-12618Improper Privilege Management in Hashicorp Nomad

CWE-269Improper Privilege Management6 documents4 sources
Severity
9.8CRITICALNVD
EPSS
0.7%
top 27.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Github.com Hashicorp NomadHashicorp Nomad
Timeline
PublishedAug 12
Latest updateAug 20

Description

HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

Gogithub.com/hashicorp_nomad0.9.00.9.2
NVDhashicorp/nomad0.9.00.9.1

🔴Vulnerability Details

5
OSV
Hashicorp Nomad Access Control Issues in github.com/hashicorp/nomad2024-08-20
OSV
Hashicorp Nomad Access Control Issues2022-05-24
GHSA
Hashicorp Nomad Access Control Issues2022-05-24
CVEList
CVE-2019-12618: HashiCorp Nomad 02019-08-12
OSV
CVE-2019-12618: HashiCorp Nomad 02019-08-12
CVE-2019-12618 — Improper Privilege Management | cvebase