HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1.
References
Link | Resource |
---|---|
https://discuss.hashicorp.com/t/hcsec-2021-17-consul-s-envoy-tls-configuration-did-not-validate-destination-service-subject-alternative-names/26856 | Vendor Advisory |
https://github.com/hashicorp/consul/releases/tag/v1.10.1 | Third Party Advisory |
https://security.gentoo.org/glsa/202208-09 | Third Party Advisory |
https://www.hashicorp.com/blog/category/consul | Vendor Advisory |
History
21 Nov 2024, 06:07
Type | Values Removed | Values Added |
---|---|---|
References | () https://discuss.hashicorp.com/t/hcsec-2021-17-consul-s-envoy-tls-configuration-did-not-validate-destination-service-subject-alternative-names/26856 - Vendor Advisory | |
References | () https://github.com/hashicorp/consul/releases/tag/v1.10.1 - Third Party Advisory | |
References | () https://security.gentoo.org/glsa/202208-09 - Third Party Advisory | |
References | () https://www.hashicorp.com/blog/category/consul - Vendor Advisory | |
Information
Published : 2021-07-17 18:15
Updated : 2024-11-21 06:07
NVD link : CVE-2021-32574
Mitre link : CVE-2021-32574
CVE.ORG link : CVE-2021-32574
Products Affected
hashicorp
- consul
CWE
CWE-295
Improper Certificate Validation