CVE-2022-40716 — HashiCorp Consul vulnerable to authorization bypass in github.com/hashicorp/cons

Description

HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2."

How to fix CVE-2022-40716

To remediate CVE-2022-40716, upgrade the affected package to a fixed version below.

—upgrade to 1.11.9 or later
—no fix listed
—upgrade to 1.11.9 or later
—upgrade to 1.11.9 or later

Is CVE-2022-40716 being exploited?

Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.

Affected packages (4)

from 0, < 1.11.9, >= 1.12.0, < 1.12.5, >= 1.13.0, < 1.13.2
from 0
from 0, < 1.11.9
from 0, < 1.11.9, >= 1.12.0, < 1.12.5, >= 1.13.0, < 1.13.2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

References (13)

ADVISORYgithub.com/advisories/GHSA-m69r-9g56-7mv8
ADVISORYnvd.nist.gov/vuln/detail/CVE-2022-40716
ADVISORYsecurity-tracker.debian.org/tracker/CVE-2022-40716
PATCHgithub.com/hashicorp/consul
WEBdiscuss.hashicorp.com