CVE-2021-38698
go/github.com/hashicorp/consul/acl
Incorrect Authorization
HashiCorp Consul and Consul Enterprise's Txn.Apply
endpoint allowed services to register proxies for other services, enabling access to service traffic.
All versions before 1.8.15, all versions starting from 1.9.0 before 1.9.9, all versions starting from 1.10.0 before 1.10.2
Upgrade to versions 1.8.15, 1.9.9, 1.10.2 or above.
2021-09-17
source |