Moderate severityNVD Advisory· Published Oct 30, 2024· Updated Jan 10, 2025
Consul L7 Intentions Vulnerable To Headers Bypass
CVE-2024-10006
Description
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/hashicorp/consulGo | >= 1.9.0, < 1.20.1 | 1.20.1 |
Affected products
30- osv-coords28 versionspkg:apk/chainguard/consul-1.19pkg:apk/chainguard/consul-1.20pkg:apk/chainguard/consul-1.20-oci-entrypointpkg:apk/chainguard/consul-1.20-oci-entrypoint-compatpkg:apk/chainguard/consul-1.21pkg:apk/chainguard/consul-1.21-oci-entrypointpkg:apk/chainguard/consul-1.21-oci-entrypoint-compatpkg:apk/chainguard/consul-1.22pkg:apk/chainguard/consul-1.22-oci-entrypointpkg:apk/chainguard/consul-1.22-oci-entrypoint-compatpkg:apk/chainguard/consul-fips-1.19pkg:apk/chainguard/consul-fips-1.20pkg:apk/chainguard/consul-fips-1.20-oci-entrypointpkg:apk/chainguard/consul-fips-1.20-oci-entrypoint-compatpkg:apk/chainguard/consul-fips-1.21pkg:apk/chainguard/consul-fips-1.21-oci-entrypointpkg:apk/chainguard/consul-fips-1.21-oci-entrypoint-compatpkg:apk/chainguard/consul-fips-1.22pkg:apk/chainguard/consul-fips-1.22-oci-entrypointpkg:apk/chainguard/consul-fips-1.22-oci-entrypoint-compatpkg:bitnami/consulpkg:golang/github.com/hashicorp/consulpkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Tumbleweedpkg:rpm/suse/govulncheck-vulndb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/govulncheck-vulndb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/govulncheck-vulndb&distro=SUSE%20Package%20Hub%2012
< 1.19.2-r47+ 27 more
- (no CPE)range: < 1.19.2-r47
- (no CPE)range: < 1.20.6-r11
- (no CPE)range: < 1.20.6-r11
- (no CPE)range: < 1.20.6-r11
- (no CPE)range: < 1.21.5-r6
- (no CPE)range: < 1.21.5-r6
- (no CPE)range: < 1.21.5-r6
- (no CPE)range: < 1.22.1-r2
- (no CPE)range: < 1.22.1-r2
- (no CPE)range: < 1.22.1-r2
- (no CPE)range: < 1.19.2-r47
- (no CPE)range: < 1.20.6-r10
- (no CPE)range: < 1.20.6-r10
- (no CPE)range: < 1.20.6-r10
- (no CPE)range: < 1.21.5-r6
- (no CPE)range: < 1.21.5-r6
- (no CPE)range: < 1.21.5-r6
- (no CPE)range: < 1.22.2-r1
- (no CPE)range: < 1.22.2-r1
- (no CPE)range: < 1.22.2-r1
- (no CPE)range: >= 1.9.0, < 1.20.1
- (no CPE)range: >= 1.9.0, < 1.20.1
- (no CPE)range: < 0.0.20241104T154416-150000.1.12.1
- (no CPE)range: < 0.0.20241104T154416-150000.1.12.1
- (no CPE)range: < 0.0.20241104T154416-1.1
- (no CPE)range: < 0.0.20241104T154416-150000.1.12.1
- (no CPE)range: < 0.0.20241104T154416-150000.1.12.1
- (no CPE)range: < 0.0.20241104T154416-5.1
- Range: 1.9.0
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-5c4w-8hhh-3c3hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-10006ghsaADVISORY
- discuss.hashicorp.com/t/hcsec-2024-23-consul-l7-intentions-vulnerable-to-headers-bypassghsaWEB
- github.com/hashicorp/consul/commit/d9206fc7e284a9244af4d62f8653a63ca30bd00cghsaWEB
- github.com/hashicorp/consul/pull/21816ghsaWEB
- security.netapp.com/advisory/ntap-20250110-0005ghsaWEB
News mentions
0No linked articles in our index yet.