Low severityNVD Advisory· Published Jul 19, 2023· Updated Oct 17, 2024
Nomad Caller ACL Token's Secret ID is Exposed to Sentinel
CVE-2023-3299
Description
HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/hashicorp/nomadGo | >= 1.2.11, < 1.4.11 | 1.4.11 |
github.com/hashicorp/nomadGo | >= 1.5.0, < 1.5.7 | 1.5.7 |
Affected products
2- Range: 1.2.11
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.