CVE-2021-37219
Published: 2021-09-07
CVE-2021-37219: HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only…
Priority: P352 high | CVSS 3.1: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS: 1.19% (64.1st percentile)
HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.
Affected (7 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | consul | — | — |
| github.com | hashicorp_consul | >= 0 < 1.8.15 | 1.8.15 |
| github.com | hashicorp_consul | >= 1.10.1 < 1.10.2 | 1.10.2 |
| github.com | hashicorp_consul | >= 1.9.0 < 1.9.9 | 1.9.9 |
| hashicorp | consul | < 1.8.15 | 1.8.15 |
| hashicorp | consul | >= 1.10.0 < 1.10.2 | 1.10.2 |
| hashicorp | consul | >= 1.9.0 < 1.9.9 | 1.9.9 |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | 2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
| osv | — | 8.8 | HIGH | — |
| vendor_debian | — | 8.8 | HIGH | — |
| vendor_redhat | — | 8.8 | HIGH | — |
OSV (osv, 2024-08-21): HashiCorp Consul Privilege Escalation Vulnerability in github.com/hashicorp/consul
OSV (osv, 2021-09-08) [HIGH]: HashiCorp Consul Privilege Escalation Vulnerability
GHSA (ghsa, 2021-09-08) [HIGH] CWE-295: HashiCorp Consul Privilege Escalation Vulnerability
OSV (osv, 2021-09-07, CVSS 8.8) [HIGH]: CVE-2021-37219: HashiCorp Consul and Consul Enterprise 1
Red Hat (vendor_redhat, 2021-08-26, CVSS 8.8) [HIGH] CWE-295: consul: RPC layer allows non-server agents to access server-only functionality
A flaw in the Consul Raft RPC layer allows privilege escalation by allowing access to server-only functionality from non-server agents with a valid certificate signed by the same CA.
Package: consul (OpenShift Service Mesh 1) - Not affected
Package: consul (OpenShift Service Mesh 2.0) - Not affected
Package: consul (Red Hat Advanced Cluster Management for Kubernetes 2) - Not affected
Debian (vendor_debian, 2021, CVSS 8.8) [HIGH]: CVE-2021-37219: consul - HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server a...
Scope: local
bullseye: open
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
https://discuss.hashicorp.com/t/hcsec-2021-22-consul-raft-rpc-privilege-escalation/29024
https://security.gentoo.org/glsa/202207-01
https://www.hashicorp.com/blog/category/consul
Published: 2021-09-07