CVE-2023-2816
Published 2023-06-02
CVE-2023-2816: Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy…
Priority P3 · 36 · medium · 6.5 (CVSS 3.1)
CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS: 0.58% (43.5th percentile)
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | consul | — | — |
| github.com | hashicorp_consul | >= 1.15.0 < 1.15.3 | 1.15.3 |
| hashicorp | consul | — | — |
| hashicorp | consul | — | — |
| hashicorp | consul | — | — |
| hashicorp | consul | >= 1.15.0 < 1.15.3 | 1.15.3 |
| hashicorp | consul_enterprise | — | — |
| hashicorp | consul_enterprise | — | — |
| hashicorp | consul_enterprise | — | — |
| msrc | azl3_telegraf_1.27.3-4_on_azure_linux_3.0 | — | — |
| msrc | azl3_telegraf_1.29.4-1_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_telegraf_1.28.5-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
| osv | 6.5 | MEDIUM | — |
| vendor_debian | 8.7 | LOW | — |
| vendor_msrc | 6.5 | MEDIUM | — |
Microsoft
Consul Envoy Extension Downstream Proxy Configuration By Upstream Service Owner
vendor_msrc · 2023-06-13 · CVSS 6.5 · HIGH · CWE-266
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
HashiCorp: HashiCorp
Customer Action Required: Yes
Remediation: CBL-Mariner Rel
Debian
CVE-2023-2816: consul - Consul and Consul Enterprise allowed any user with service:write permissions to ...
vendor_debian · 2023 · CVSS 8.7 · HIGH
Scope: local
bullseye: resolved
OSV
Hashicorp Consul allows user with service:write permissions to patch remote proxy instances in github.com/hashicorp/consul
osv · 2024-08-20
OSV
Hashicorp Consul allows user with service:write permissions to patch remote proxy instances
osv · 2023-06-03 · HIGH
GHSA
Hashicorp Consul allows user with service:write permissions to patch remote proxy instances
ghsa · 2023-06-03 · HIGH · CWE-266
OSV
CVE-2023-2816: Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote p
osv · 2023-06-02 · CVSS 6.5 · MEDIUM
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2023-06-02