CVE-2022-24687
Description
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at least one Ingress Gateway allow a user with service:write to register a specifically-defined service that can cause Consul servers to panic. Fixed in 1.9.15, 1.10.8, and 1.11.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
HashiCorp Consul clusters with an Ingress Gateway allow users with service:write to register a crafted service that triggers a server panic.
Vulnerability
HashiCorp Consul and Consul Enterprise versions 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 are affected [1]. Clusters that have at least one Ingress Gateway configured allow a user with service:write permissions to register a specifically-defined service that causes the Consul server to panic [4]. The panic originates from the Ingress Gateway handling logic when the crafted service is registered [4].
Exploitation
An attacker must possess service:write permission in the Consul cluster [4]. With that permission, the attacker registers a specifically-defined service (details of the exact service definition are not publicly disclosed) that, when processed by the server, triggers a panic [4]. No additional user interaction is required beyond the service registration [4].
Impact
Successful exploitation causes the Consul server to panic and shut down, resulting in a denial of service (DoS) for the cluster [4]. Availability of the Consul service is impacted, which can disrupt service discovery, health checking, and other Consul features [1].
Mitigation
The vulnerability is fixed in Consul and Consul Enterprise versions 1.9.15, 1.10.8, and 1.11.3 [1][4]. Users should upgrade to these versions or later. No other workarounds are mentioned in the references. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/hashicorp/consul (Go) | >= 1.8.0, < 1.9.15 | 1.9.15 |
| github.com/hashicorp/consul (Go) | >= 1.10.0, < 1.10.8 | 1.10.8 |
| github.com/hashicorp/consul (Go) | >= 1.11.0, < 1.11.3 | 1.11.3 |
Affected products
- HashiCorp/Consul (from description)
- OSV coordinates: 2 version ranges, >= 1.8.0, < 1.9.15 and 1 more
- (no CPE) range: >= 1.8.0, < 1.9.15
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- github.com/advisories/GHSA-hj93-5fg3-3chr (GHSA advisory)
- nvd.nist.gov/vuln/detail/CVE-2022-24687 (NVD advisory)
- security.gentoo.org/glsa/202208-09 (Gentoo vendor advisory)
- discuss.hashicorp.com (HashiCorp discussion forum)
- discuss.hashicorp.com/t/hcsec-2022-05-consul-ingress-gateway-panic-can-shutdown-servers (HashiCorp security bulletin HCSEC-2022-05)
- security.netapp.com/advisory/ntap-20220331-0006 (NetApp advisory)
News mentions
No linked articles in our index yet.