CVE-2022-3867 - OpenCVE

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 event stream subscribers using a token with TTL receive updates until token garbage is collected. Fixed in 1.4.2.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Hashicorp	Nomad

Configuration 1 [-]

OR	cpe:2.3:a:hashicorp:nomad:1.4.0:::::::*
	cpe:2.3:a:hashicorp:nomad:1.4.0::::enterprise:::
	cpe:2.3:a:hashicorp:nomad:1.4.1:::::::*
	cpe:2.3:a:hashicorp:nomad:1.4.1::::enterprise:::

References

Link	Resource
https://discuss.hashicorp.com/t/hcsec-2022-26-nomad-s-event-stream-subscriber-using-acl-token-with-ttl-receive-updates-until-garbage-collected/46168	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: HashiCorp

Published: 2022-11-10T05:45:53.550Z

Updated:

Reserved: 2022-11-04T22:54:20.822Z

Link: CVE-2022-3867

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-11-10T06:15:11.597

Modified: 2022-11-15T17:24:30.137

Link: CVE-2022-3867

JSON object: View

Redhat Information

No data.

CWE

CWE-613

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-3867", "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "state": "PUBLISHED", "assignerShortName": "HashiCorp", "requesterUserId": "5311d85b-fc2e-473d-9ddd-71031e52448b", "dateReserved": "2022-11-04T22:54:20.822Z", "datePublished": "2022-11-10T05:45:53.550Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp", "dateUpdated": "2022-11-10T05:45:53.550Z"}, "title": "Nomad Event Stream Subscriber Using a Token with TTL Receives Updates Until Garbage Collected", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-613", "description": "CWE-613 Insufficient Session Expiration", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-1", "descriptions": [{"lang": "en", "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"}]}], "affected": [{"vendor": "HashiCorp", "product": "Nomad", "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "repo": "https://github.com/hashicorp/nomad", "versions": [{"status": "affected", "version": "1.4.0"}, {"status": "affected", "version": "1.4.1"}], "defaultStatus": "unaffected"}, {"vendor": "HashiCorp", "product": "Nomad Enterprise", "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "versions": [{"status": "affected", "version": "1.4.0"}, {"status": "affected", "version": "1.4.1"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 event stream subscribers using a token with TTL receive updates until token garbage is collected. Fixed in 1.4.2.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 event stream subscribers using a token with TTL receive updates until token garbage is collected. Fixed in 1.4.2."}]}], "references": [{"url": "https://discuss.hashicorp.com/t/hcsec-2022-26-nomad-s-event-stream-subscriber-using-acl-token-with-ttl-receive-updates-until-garbage-collected/46168"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseSeverity": "LOW", "baseScore": 2.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"}}], "source": {"discovery": "INTERNAL"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hashicorp:nomad:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "2B72B4A5-C0C9-41F4-BD7C-C876043CDF2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:nomad:1.4.0:*:*:*:enterprise:*:*:*", "matchCriteriaId": "5BEC3731-DC4E-467C-A206-8E6AA3AA6C8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:nomad:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "0DDF6A5F-6DD5-49CD-AEC5-06FB24035A49", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:nomad:1.4.1:*:*:*:enterprise:*:*:*", "matchCriteriaId": "7816639B-F379-48DF-B4D3-EC3AFBFA1B30", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 event stream subscribers using a token with TTL receive updates until token garbage is collected. Fixed in 1.4.2."}, {"lang": "es", "value": "Los suscriptores de flujo de eventos de HashiCorp Nomad y Nomad Enterprise 1.4.0 hasta 1.4.1 que usan un token con TTL reciben actualizaciones hasta que se recolecta la basura del token. Corregido en 1.4.2."}], "id": "CVE-2022-3867", "lastModified": "2022-11-15T17:24:30.137", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "security@hashicorp.com", "type": "Secondary"}]}, "published": "2022-11-10T06:15:11.597", "references": [{"source": "security@hashicorp.com", "tags": ["Vendor Advisory"], "url": "https://discuss.hashicorp.com/t/hcsec-2022-26-nomad-s-event-stream-subscriber-using-acl-token-with-ttl-receive-updates-until-garbage-collected/46168"}], "sourceIdentifier": "security@hashicorp.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-613"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-613"}], "source": "security@hashicorp.com", "type": "Secondary"}]}