github.com/hashicorp/nomad is vulnerable to Privilege Escalation. A remote attacker with the submit-job
ACL permission is able to escalate to management-level privileges using the workload identity and task API by submitting a job without ACL policies.