HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-07-17T17:28:11
Updated: 2024-08-03T23:25:30.307Z
Reserved: 2021-05-11T00:00:00
Link: CVE-2021-32574
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-07-17T18:15:07.723
Modified: 2022-10-25T20:41:30.533
Link: CVE-2021-32574
Redhat
No data.