CVE-2021-37219 — Improper Certificate Validation in Hashicorp Consul

CWE-295 — Improper Certificate Validation7 documents5 sources

Severity

8.8HIGHNVD

EPSS

0.4%

top 37.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Github.com Hashicorp Consul Hashicorp Consul Debian Consul

Timeline

PublishedSep 7

Latest updateAug 21

Description

HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

▶NVDhashicorp/consul1.9.0 — 1.9.9+2

▶Gogithub.com/hashicorp_consul1.9.0 — 1.9.9+2

▶debiandebian/consul

🔴Vulnerability Details

OSV

HashiCorp Consul Privilege Escalation Vulnerability in github.com/hashicorp/consul↗2024-08-21

▶

OSV

HashiCorp Consul Privilege Escalation Vulnerability↗2021-09-08

▶

GHSA

HashiCorp Consul Privilege Escalation Vulnerability↗2021-09-08

▶

OSV

CVE-2021-37219: HashiCorp Consul and Consul Enterprise 1↗2021-09-07

▶

📋Vendor Advisories

Red Hat

consul: RPC layer allows non-server agents to access server-only functionality↗2021-08-26

▶

Debian

CVE-2021-37219: consul - HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server a...↗2021

▶