VYPR
High severityNVD Advisory· Published Sep 7, 2021· Updated Aug 4, 2024

CVE-2021-37219

CVE-2021-37219

Description

HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/hashicorp/consulGo
>= 1.10.1, < 1.10.21.10.2
github.com/hashicorp/consulGo
>= 1.9.0, < 1.9.91.9.9
github.com/hashicorp/consulGo
< 1.8.151.8.15

Affected products

27

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.