CVE-2024-10006

Aliases: GHSA-5c4w-8hhh-3c3h, BIT-consul-2024-10006, GO-2024-3241
Status: Modified
Published: 30 Oct 2024, 21:20
Last modified: 10 Jan 2025, 13:06

Vulnerability Summary

  • Overall Risk (default): medium, 33/100
  • CVSS Score: 8.3 HIGH, v3.1 (cve.org)
  • EPSS Score: 0.03% LOW
  • KEV: Not listed
  • Ransomware: No reports
  • Public exploits: None found
  • Dark Web: Not detected

Timeline

  • 30 Oct 2024, 21:20: Published (vulnerability first disclosed)
  • 10 Jan 2025, 13:06: Last modified (vulnerability information updated)

Description

A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.

CVSS Metrics

  • v4.0 MEDIUM, score 6.9: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L
  • v3.1 HIGH, score 8.3: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
  • v3.1 MEDIUM, score 5.8: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

EPSS Trends

Current EPSS score: 0.03% Percentile: 11%

Techniques & Countermeasures

  • CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax

    The product does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers, such as Flash.

  • CWE-116: Improper Encoding or Escaping of Output

    The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

Affected Systems

  • github.com/hashicorp/consul

    ≥ 1.9.0, < 1.20.1

  • hashicorp consul

    ≥ 1.9.0, < 1.20.1 | ≥ 1.4.1, < 1.20.1 | ≥ 1.9.0, < 1.15.15 | ≥ 1.18.0, < 1.18.5 | ≥ 1.19.0, < 1.19.3 | 1.20.0

  • hashicorp consul enterprise

    ≥ 1.9.0, < 1.20.1

References (8)