Severity |
|
Remote |
|
Type |
- |
Unknown |
+ |
Denial of service |
|
Description |
+ |
HashiCorp Consul Enterprise versions 1.7.0 up to 1.8.4 allowed operators with service:write ACL permissions to write a malicious config entry that causes infinite raft writes due to issues with the namespace replication logic. This can allow an operator with access to one namespace to temporarily delete a doppelgänger configuration in another namespace that they should not have access to modify. |
|
References |
+ |
https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#185-october-23-2020 |
+ |
https://github.com/hashicorp/consul/pull/9024 |
+ |
https://github.com/hashicorp/consul/commit/58387fef0a8240d0457001bb2bac075796775e11 |
|
Notes |
|