CVE-2021-32574 log

Severity Low
Remote Yes
Type Certificate verification bypass
HashiCorp Consul before version 1.9.8 does not validate SSL certificates correctly: xds does not ensure that the Subject Alternative Name of an upstream is validated.
Group Package Affected Fixed Severity Status Ticket
AVG-2171 consul 1.9.7-1 1.9.8-1 Medium Fixed
Date Advisory Group Package Severity Type
27 Jul 2021 ASA-202107-69 AVG-2171 consul Medium multiple issues