Overview
- Description
- A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.
- Source
- security@hashicorp.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.8
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
- Severity
- MEDIUM
Social media
- Hype score
- Not currently trending
CVE-2024-10006 A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules. https://t.co/dVOiC2LeBQ
@VulmonFeeds
31 Oct 2024
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10006 A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules. https://t.co/oYstLHchUa
@CVEnew
30 Oct 2024
167 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-10006: HIGH] A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.#cybersecurity,#vulnerability https://t.co/a8ycU0lkeA https://t.co/G7YqpCP3Hn
@CveFindCom
30 Oct 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hashicorp:consul:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D16200E-5F65-48AE-A0A5-FFADA05CA755",
"versionEndExcluding": "1.20.1",
"versionStartIncluding": "1.4.1"
},
{
"criteria": "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F4529FE-6B11-4CB9-A8A2-A75D10470294",
"versionEndExcluding": "1.15.15",
"versionStartIncluding": "1.9.0"
},
{
"criteria": "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36CDCEB8-8B22-4290-9071-81CE3F0F6B95",
"versionEndExcluding": "1.18.5",
"versionStartIncluding": "1.18.0"
},
{
"criteria": "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0AB043DB-FC48-4DE7-80BA-EC410ECD44F2",
"versionEndExcluding": "1.19.3",
"versionStartIncluding": "1.19.0"
},
{
"criteria": "cpe:2.3:a:hashicorp:consul:1.20.0:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82C595D9-B7F7-487B-A2B4-B85A45DF471C"
}
],
"operator": "OR"
}
]
}
]