Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.0.10 and 1.1.4.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Hashicorp Nomad 信任管理问题漏洞
Vulnerability Description
Hashicorp Nomad是美国Hashicorp公司的一款分布式、数据中心感知的集群和应用程序调度程序。该程序支持部署微服务、批处理、容器化和非容器化应用程序。 Hashicorp Nomad 存在信任管理问题漏洞,该漏洞源于应用程序没有适当地施加安全限制,远程经过身份验证的攻击者可利用该漏洞直接与服务器代理的Raft RPC层通信,从而导致绕过安全限制和特权升级。以下产品及版本收到影响:Nomad: 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6,
CVSS Information
N/A
Vulnerability Type
N/A