Information disclosure in HashiCorp Consul and Consul Enterprise

Uncategorized

Exploit availability: No Description. CWE-200 – Information Exposure The vulnerability allows a remote attacker to gain access to potentially sensitive information. The vulnerability exists due to excessive data output by the application. A remote attacker with operator:read ACL permissions can read the Connect CA private key configuration.Read MoreSecurity News