CVE-2021-32574: Improper Certificate Validation

July 17, 2021 (updated October 25, 2022)

HashiCorp Consul and Consul Enterprise’s Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name.

References

nvd.nist.gov/vuln/detail/CVE-2021-32574
www.hashicorp.com/blog/category/consul

Detect and mitigate CVE-2021-32574 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →