CVE-2021-32575
Published 2021-06-17
Priority P4 · 26 · medium · 6.5 CVSS 3.1
AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS: 0.51% (39.7th percentile)
HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | hashicorp_nomad | >= 0 < 0.12.12 | 0.12.12 |
| github.com | hashicorp_nomad | >= 1.0.0 < 1.0.5 | 1.0.5 |
| hashicorp | nomad | <= 1.0.4 | — |
CVSS provenance
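| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
| nvd | v2.0 | 3.3 | LOW | AV:A/AC:L/Au:N/C:N/I:P/A:N |
| osv | — | 6.5 | MEDIUM | — |
| vendor_redhat | — | 6.5 | MEDIUM | — |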
OSV
Improper network isolation in Hashicorp Nomad in github.com/hashicorp/nomad
osv·2024-08-21
CVE-2021-32575 Improper network isolation in Hashicorp Nomad in github.com/hashicorp/nomad
GHSA
Improper network isolation in Hashicorp Nomad
ghsa·2021-06-24
CVE-2021-32575 [MEDIUM] CWE-1100 Improper network isolation in Hashicorp Nomad
OSV
Improper network isolation in Hashicorp Nomad
osv·2021-06-24
CVE-2021-32575 [MEDIUM] Improper network isolation in Hashicorp Nomad
OSV
CVE-2021-32575: HashiCorp Nomad and Nomad Enterprise up to version 1
osv·2021-06-17·CVSS 6.5
CVE-2021-32575 [MEDIUM] CVE-2021-32575: HashiCorp Nomad and Nomad Enterprise up to version 1
HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1.
Red Hat
nomad: bridge networking mode allows ARP spoofing from other bridged tasks on same node
vendor_redhat·2021-05-12·CVSS 6.5
CVE-2021-32575 [MEDIUM] nomad: bridge networking mode allows ARP spoofing from other bridged tasks on same node
A flaw was found in Nomad. The bridge networking mode in HashiCorp Nomad and Nomad Enterprise allows ARP spoofing from other bridged tasks on the same node.
Package: mcg (Red Hat Openshift Container Storage 4) - Not affected
Package: ocs4/cephcsi-rhel8 (Red Hat Openshift Container Storage 4) - Not affected
Package: ocs4/mcg-rhel8-operator (Red Hat Openshift Container Storage 4) - Not affected
Package: ocs4/ocs-must-gather-rhel8 (Red Hat Openshift Container Storage 4) - Not affected
Package: ocs4/ocs-rhel8-operator (R
https://discuss.hashicorp.com/t/hcsec-2021-14-nomad-bridge-networking-mode-allows-arp-spoofing-from-other-bridged-tasks-on-same-node/24296
https://www.hashicorp.com/blog/category/nomad