AVG-2171 log

Package	consul
Status	Fixed
Severity	Medium
Type	multiple issues
Affected	1.9.7-1
Fixed	1.9.8-1
Current	1.20.1-1 [extra]
Ticket	None
Created	Sat Jul 17 22:46:09 2021

Issue	Severity	Remote	Type	Description
CVE-2021-36213	Medium	Yes	Access restriction bypass	In HashiCorp Consul before version 1.9.8, xds can generate a situation where a single L7 deny intention (with a default deny policy) results in an allow action.
CVE-2021-32574	Low	Yes	Certificate verification bypass	HashiCorp Consul before version 1.9.8 does not validate SSL certificates correctly: xds does not ensure that the Subject Alternative Name of an upstream is...

Issue

Severity

Remote

Type

Description

CVE-2021-36213

Medium

Yes

Access restriction bypass

In HashiCorp Consul before version 1.9.8, xds can generate a situation where a single L7 deny intention (with a default deny policy) results in an allow action.

CVE-2021-32574

Low

Yes

Certificate verification bypass

HashiCorp Consul before version 1.9.8 does not validate SSL certificates correctly: xds does not ensure that the Subject Alternative Name of an upstream is...

Date	Advisory	Package	Type
27 Jul 2021	ASA-202107-69	consul	multiple issues