Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2021-41803

HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2."

  • Published: Sep 23, 2022
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-41803
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.1
  • AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

CWEs:

Software From Fixed in
hashicorp / consul 1.12.4 1.12.4.x
hashicorp / consul 1.13.1 1.13.1.x
hashicorp / consul 1.8.1 1.11.9