CVE-2022-3867
2.7LOWHashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 event stream subscribers using a token with TTL receive updates until token garbage is collected. Fixed in 1.4.2.
Опубликовано: 11/10/2022Обновлено: 11/21/2024
Описание
HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 event stream subscribers using a token with TTL receive updates until token garbage is collected. Fixed in 1.4.2.
ИИ-АнализНа базе ИИ
Затронутые продукты
hashicorpnomad
1.4.0
hashicorpnomad
1.4.0
hashicorpnomad
1.4.1
hashicorpnomad
1.4.1
Ссылки
- https://discuss.hashicorp.com/t/hcsec-2022-26-nomad-s-event-stream-subscriber-using-acl-token-with-ttl-receive-updates-until-garbage-collected/46168Vendor Advisory
- https://discuss.hashicorp.com/t/hcsec-2022-26-nomad-s-event-stream-subscriber-using-acl-token-with-ttl-receive-updates-until-garbage-collected/46168Vendor Advisory