Medium severity4.9NVD Advisory· Published Mar 9, 2023· Updated Jun 17, 2026
CVE-2023-0845
CVE-2023-0845
Description
Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/hashicorp/consulGo | >= 1.14.0, < 1.14.5 | 1.14.5 |
Affected products
10- osv-coords8 versionspkg:apk/chainguard/consul-1.15pkg:apk/chainguard/consul-1.15-oci-entrypointpkg:apk/chainguard/consul-1.15-oci-entrypoint-compatpkg:apk/wolfi/consul-1.15pkg:apk/wolfi/consul-1.15-oci-entrypointpkg:apk/wolfi/consul-1.15-oci-entrypoint-compatpkg:bitnami/consulpkg:golang/github.com/hashicorp/consul
< 1.15.5-r0+ 7 more
- (no CPE)range: < 1.15.5-r0
- (no CPE)range: < 1.15.5-r0
- (no CPE)range: < 1.15.5-r0
- (no CPE)range: < 1.15.5-r0
- (no CPE)range: < 1.15.5-r0
- (no CPE)range: < 1.15.5-r0
- (no CPE)range: < 1.14.5
- (no CPE)range: >= 1.14.0, < 1.14.5
- Range: 1.14.0
Patches
Vulnerability mechanics
References
9- discuss.hashicorp.com/t/hcsec-2023-06-consul-server-panic-when-ingress-and-api-gateways-configured-with-peering-connections/51197nvdIssue TrackingVendor AdvisoryWEB
- github.com/advisories/GHSA-wj6x-hcc2-f32jghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-0845ghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHCghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFEghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAIghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/nvd
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/nvd
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/nvd
News mentions
0No linked articles in our index yet.