VYPR
High severityNVD Advisory· Published Jul 17, 2021· Updated Aug 4, 2024

CVE-2021-36213

CVE-2021-36213

Description

HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/hashicorp/consulGo
< 1.10.11.10.1

Affected products

27

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.