Nomad Allocations Vulnerable To Privilege Escalation Within A Namespace Using Unredacted Workload Identity Tokens
Description
Nomad Community and Nomad Enterprise ("Nomad") allocations are vulnerable to privilege escalation within a namespace through unredacted workload identity tokens. This vulnerability, identified as CVE-2024-12678, is fixed in Nomad Community Edition 1.9.4 and Nomad Enterprise 1.9.4, 1.8.8, and 1.7.16.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Nomad allocations leak workload identity tokens via the read API, allowing namespace-read users to escalate privileges within the namespace.
Vulnerability
CVE-2024-12678 is a privilege escalation vulnerability in HashiCorp Nomad Community and Enterprise editions. The root cause is that when a user accesses a Nomad allocation through the Read Allocation API or the alloc command, the response includes the allocation's Workload Identity token without redaction [1][2]. This token is a JSON Web Token (JWT) signed by the leader's keyring, and it grants access to workload-associated variables and service discovery [2].
Exploitation
An attacker who already has namespace:read permissions can retrieve a workload identity token for any task in that namespace by simply reading an allocation [2]. If additional ACL policies have been associated with that workload identity (via the identity block in the job specification), the attacker gains the privileges of those policies as well [2]. The attack does not require any other special privileges within the namespace beyond the basic read access that is often broadly granted.
Impact
By leveraging the unredacted token, an attacker with namespace:read access can escalate their privileges to include any policies bound to the workload identity. This breaks the intended isolation between different workloads and identities within the same namespace, potentially allowing unauthorized access to sensitive data or operations that should be restricted to a specific task or service [2].
Mitigation
The vulnerability has been fixed in Nomad Community Edition 1.9.4 and Nomad Enterprise 1.9.4, 1.8.8, and 1.7.16 [1][2]. Every release from 1.4.0 up to, but not including, those fixed versions is affected, and users running one should upgrade immediately. HashiCorp recommends following the standard Nomad upgrade guides to apply the fix [2].
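As a post-upgrade verification check, written here as an added example and not taken from the Nomad project or the advisory: the Go program below decodes the body of a Read Allocation API response (`GET /v1/allocation/<alloc-id>`) and reports which tasks still have a workload identity token in the `SignedIdentities` field, the field the fix strips. The two sample response bodies are constructed for the example; the `ID`, `Namespace` and `SignedIdentities` keys are assumed to match Nomad's JSON output, and the task names and token values are placeholders. Against a patched server the check should return no tasks.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// allocView models only the fields of a Read Allocation response that this
// check needs (an assumption about Nomad's JSON keys). SignedIdentities is
// the field the fix blanks out; every other key is ignored by encoding/json.
type allocView struct {
	ID               string            `json:"ID"`
	Namespace        string            `json:"Namespace"`
	SignedIdentities map[string]string `json:"SignedIdentities"`
}

// leakedIdentities decodes one response body and returns the task names whose
// workload identity token is present in it, sorted for deterministic output.
// An empty result means the server redacted the field (patched behaviour);
// a non-empty result means tokens are still being handed to namespace readers.
func leakedIdentities(body []byte) ([]string, error) {
	var a allocView
	if err := json.Unmarshal(body, &a); err != nil {
		return nil, fmt.Errorf("decode allocation: %w", err)
	}
	tasks := []string{}
	for task, tok := range a.SignedIdentities {
		// A null map or an empty value is not a leak; only a populated token counts.
		if strings.TrimSpace(tok) != "" {
			tasks = append(tasks, task)
		}
	}
	sort.Strings(tasks)
	return tasks, nil
}

// Constructed sample responses, not captured from a real cluster. The token
// values are plain placeholder strings, not real signed identities.
const unpatchedResponse = `{
  "ID": "aaaaaaaa-0000-0000-0000-000000000001",
  "Namespace": "team-a",
  "TaskGroup": "app",
  "SignedIdentities": {
    "web": "placeholder-token-web",
    "api": "placeholder-token-api"
  }
}`

const patchedResponse = `{
  "ID": "aaaaaaaa-0000-0000-0000-000000000001",
  "Namespace": "team-a",
  "TaskGroup": "app",
  "SignedIdentities": null
}`

func main() {
	samples := map[string]string{"unpatched": unpatchedResponse, "patched": patchedResponse}
	for name, body := range samples {
		tasks, err := leakedIdentities([]byte(body))
		if err != nil {
			fmt.Println(name, "error:", err)
			continue
		}
		if len(tasks) == 0 {
			fmt.Printf("%s: SignedIdentities redacted, no tokens in response\n", name)
		} else {
			fmt.Printf("%s: workload identity tokens exposed for tasks %v\n", name, tasks)
		}
	}
}
```

To use it against a real cluster, save the raw JSON from the Read Allocation endpoint to a file and pass its contents to `leakedIdentities`; the check deliberately never decodes or prints the token values, only the task names that carry one.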
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/hashicorp/nomad (Go) | < 1.9.4 | 1.9.4 |
Affected products
- pkg:golang/github.com/hashicorp/nomad (GHSA coordinates, no CPE): range < 1.9.4
- pkg:rpm/opensuse/govulncheck-vulndb, openSUSE Leap 15.6 (no CPE): range < 0.0.20250108T191942-150000.1.26.1
- pkg:rpm/opensuse/govulncheck-vulndb, openSUSE Tumbleweed (no CPE): range < 0.0.20241220T214820-1.1
- pkg:rpm/suse/govulncheck-vulndb, SUSE Linux Enterprise Module for Package Hub 15 SP6 (no CPE): range < 0.0.20250108T191942-150000.1.26.1
- HashiCorp/Nomad, v5, range: 1.4.0
- HashiCorp/Nomad Enterprise, v5, range: 1.4.0
Patches
Commit 359a71861ef0: Backport of sec: fix alloc workload identity namespace permission into release/1.9.x (#24685)
4 files changed · +23 −1
.changelog/24683.txt+3 −0 added@@ -0,0 +1,3 @@ +```release-note:security +api: sanitize the SignedIdentities in allocations to prevent privilege escalation through unredacted workload identity token impersonation associated with ACL policies. +```
command/agent/node_endpoint.go+1 −0 modified@@ -105,6 +105,7 @@ func (s *HTTPServer) nodeAllocations(resp http.ResponseWriter, req *http.Request out.Allocs = make([]*structs.Allocation, 0) } for _, alloc := range out.Allocs { + alloc = alloc.Sanitize() alloc.SetEventDisplayMessages() } return out.Allocs, nil
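Review bot: the added `alloc = alloc.Sanitize()` only reassigns the range variable and never writes back into `out.Allocs`, so whenever `Sanitize` returns a fresh copy (the case where `SignedIdentities` is populated, per the `structs.go` hunk) the slice that `nodeAllocations` returns still holds the original allocation with its tokens, and `SetEventDisplayMessages()` runs on the discarded copy. Iterate by index and store the result, e.g. `for i := range out.Allocs { out.Allocs[i] = out.Allocs[i].Sanitize(); out.Allocs[i].SetEventDisplayMessages() }`, and add a handler test asserting that `SignedIdentities` is nil on every returned allocation.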
nomad/alloc_endpoint.go+2 −1 modified@@ -172,8 +172,9 @@ func (a *Alloc) GetAlloc(args *structs.AllocSpecificRequest, } // Setup the output - reply.Alloc = out if out != nil { + out = out.Sanitize() + reply.Alloc = out // Re-check namespace in case it differs from request. if !aclObj.AllowClientOp() && !allowNsOp(aclObj, out.Namespace) { return structs.NewErrUnknownAllocation(args.AllocID)
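Review bot: moving `reply.Alloc = out` under the `if out != nil` guard is behaviour-preserving only when `reply` arrives with a nil `Alloc`; a comment stating that assumption would help, since a reused reply struct would now retain a stale allocation when the lookup finds nothing. It would also help to record in the PR which other endpoints that return `structs.Allocation` values to clients were checked, because `GetAlloc` and `nodeAllocations` are the only two call sites of `Sanitize` in this patch.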
nomad/structs/structs.go+17 −0 modified@@ -11199,6 +11199,23 @@ func (a *Allocation) GetID() string { return a.ID } +// Sanitize returns a copy of the allocation with the SignedIdentities field +// removed. This is useful for returning allocations to clients where the +// SignedIdentities field is not needed. +func (a *Allocation) Sanitize() *Allocation { + if a == nil { + return nil + } + + if a.SignedIdentities == nil { + return a + } + + clean := a.Copy() + clean.SignedIdentities = nil + return clean +} + // GetNamespace implements the NamespaceGetter interface, required for // pagination and filtering namespaces in endpoints that support glob namespace // requests using tokens with limited access.
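Review bot: the early return `if a.SignedIdentities == nil { return a }` hands back the receiver itself, so `Sanitize` aliases its input in one case and returns a copy in the other; a caller that mutates the result (as `nodeAllocations` does via `SetEventDisplayMessages`) gets different behaviour depending on whether identities were present. Either always return `a.Copy()` or state in the doc comment that the result may alias the receiver and must be treated as read-only. The comment should also say why the field is stripped, namely that it carries signed workload identity tokens as the changelog entry notes, rather than only that it is "not needed".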
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/advisories/GHSA-hr68-hvgv-xxqf (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2024-12678 (ghsa, ADVISORY)
- discuss.hashicorp.com/t/hcsec-2024-29-nomad-allocations-vulnerable-to-privilege-escalation-within-a-namespace-using-unredacted-workload-identity-token/72119 (ghsa, WEB)
- github.com/hashicorp/nomad/commit/359a71861ef044cb5d749a36ff0e44b172c8f1a6 (ghsa, WEB)