CVE-2022-40716

{"id": "CVE-2022-40716", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-09-23T12:15:10.500", "references": [{"url": "https://discuss.hashicorp.com", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://discuss.hashicorp.com/t/hcsec-2022-20-consul-service-mesh-intention-bypass-with-malicious-certificate-signing-request/44628", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/", "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/", "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-252"}]}], "descriptions": [{"lang": "en", "value": "HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2.\""}, {"lang": "es", "value": "HashiCorp Consul y Consul Enterprise versiones hasta la 1.11.8, 1.12.4, y 1.13.1, no comprueban los valores m\u00faltiples de SAN URI en un CSR en el endpoint RPC interno, permitiendo un aprovechamiento del acceso privilegiado para omitir las intenciones de malla de servicio. Corregido en 1.11.9, 1.12.5 y 1.13.2\"."}], "lastModified": "2023-11-07T03:52:36.337", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "999B2E09-9A91-47B2-8B0A-869D0CB416FB", "versionEndExcluding": "1.11.9"}, {"criteria": "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "CB50BB9A-3584-4099-A622-D77EDBB69B35", "versionEndExcluding": "1.11.9"}, {"criteria": "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "1D75922B-3EDE-4707-B0BC-B8533FB9FA2C", "versionEndExcluding": "1.12.5", "versionStartIncluding": "1.12.0"}, {"criteria": "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "06BF88BF-38B3-4ED2-963F-76EBBAF3EF27", "versionEndExcluding": "1.12.5", "versionStartIncluding": "1.12.0"}, {"criteria": "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "F1A1E466-3870-484B-84F2-AA903D146B19", "versionEndExcluding": "1.13.2", "versionStartIncluding": "1.13.0"}, {"criteria": "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "C3526BD3-55DC-4563-8883-D3013160720C", "versionEndExcluding": "1.13.2", "versionStartIncluding": "1.13.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}