Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5, and 1.15.3
References
Link | Resource |
---|---|
https://discuss.hashicorp.com/t/hcsec-2023-15-consul-cluster-peering-can-result-in-denial-of-service/54515 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: HashiCorp
Published: 2023-06-02T22:48:28.938Z
Updated: 2023-06-02T22:48:28.938Z
Reserved: 2023-03-09T18:51:51.406Z
Link: CVE-2023-1297
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-02T23:15:09.293
Modified: 2023-06-12T16:10:55.347
Link: CVE-2023-1297
JSON object: View
Redhat Information
No data.