Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Hashicorp HashiCorp Consul 输入验证错误漏洞
Vulnerability Description
Hashicorp HashiCorp Consul是美国HashiCorp(Hashicorp)公司的一套分布式、高可用数据中心感知解决方案。该产品用于跨动态分布式基础架构连接和配置应用程序。 HashiCorp Consul(和Consul Enterprise)存在输入验证错误漏洞,该漏洞源于xds可以生成这样一种情况,即单个L7拒绝意图(带有默认拒绝策略)会导致允许操作。
CVSS Information
N/A
Vulnerability Type
N/A