CVE-2020-25201

Excessive Iteration in go/github.com/hashicorp/consul/acl

Identifier

CVE-2020-25201

Package Slug

go/github.com/hashicorp/consul/acl

Vulnerability

Excessive Iteration

Description

HashiCorp Consul Enterprise up to includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes.

Affected Versions

All versions starting from 1.7.0 up to 1.8.4

Solution

Upgrade to version 1.8.5 or above.

Last Modified

2020-11-16

source