HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2."
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-09-23T00:00:00

Updated: 2024-08-04T03:22:24.351Z

Reserved: 2021-09-29T00:00:00

Link: CVE-2021-41803

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-09-23T01:15:08.623

Modified: 2023-11-07T03:39:01.150

Link: CVE-2021-41803

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-09-23T00:00:00Z

Links: CVE-2021-41803 - Bugzilla