Lucene search
GoogleOSV:CVE-2021-41805HistoryDec 12, 2021 - 5:15 a.m.
CVE-2021-41805
2021-12-1205:15:07
Google
osv.dev
5
HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has Incorrect Access Control. An ACL token (with the default operator:write permissions) in one namespace can be used for unintended privilege escalation in a different namespace.
| CPE | Name | Operator | Version |
|---|---|---|---|
| consul | eq | 1.10.2 | |
| consul | eq | 1.10.3 | |
| consul | eq | 1.10.1 | |
| consul | eq | api/v1.9.1 | |
| consul | eq | api/v1.11.0 | |
| consul | eq | 1.10.1-beta1 | |
| consul | eq | 1.10.0 | |
| consul | eq | api/v1.10.1 |
Related
veracode
veracode
Privilege Escalation
2021-12-13 09:27:07
nessus
nessus
Photon OS 3.0: Consul PHSA-2021-3.0-0346
2022-01-10 00:00:00
githubexploit
githubexploit
Exploit for Incorrect Authorization in Hashicorp Consul
2022-12-07 10:50:17
Exploit for Incorrect Authorization in Hashicorp Consul
2022-12-07 10:50:17
cvelist
cvelist
CVE-2021-41805
2021-12-12 04:51:21
prion
prion
Privilege escalation
2021-12-12 05:15:00
ubuntucve
ubuntucve
CVE-2021-41805
2021-12-12 00:00:00
nvd
nvd
CVE-2021-41805
2021-12-12 05:15:07
osv
osv
BIT-consul-2021-41805
2024-03-06 10:52:33
debiancve
debiancve
CVE-2021-41805
2021-12-12 05:15:07
cve
cve
CVE-2021-41805
2021-12-12 05:15:07
photon
photon
Important Photon OS Security Update - PHSA-2022-0143
2022-01-12 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0143
2022-01-10 00:00:00