Description

Acunetix determined that it was possible to access the Hashicorp Consul API without authentication. In a certain configuration of Hashicorp Consul, an unauthentication attacker may be able to archive remote command execution on the server.

Remediation

Restrict access to the Hashicorp Consul API.

References

Hashicorp Consul - RCE via Rexec

Security Models

Related Vulnerabilities

WordPress Plugin MetaSlider Information Disclosure (3.3.1)

TimThumb WebShot remote code execution

Oracle Database Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3240)

EktronCMS Saxon XSLT parser remote code execution

Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-0464)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Code Execution