HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11.
References
Link | Resource |
---|---|
https://discuss.hashicorp.com/t/hcsec-2023-20-nomad-acl-policies-without-label-are-applied-to-unexpected-resources/56270 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: HashiCorp
Published: 2023-07-19T23:34:56.155Z
Updated: 2023-07-19T23:34:56.155Z
Reserved: 2023-06-02T15:50:43.081Z
Link: CVE-2023-3072
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-07-20T00:15:10.347
Modified: 2023-07-27T19:51:20.287
Link: CVE-2023-3072
JSON object: View
Redhat Information
No data.
CWE