← back
CVE-2020-12797

CVE-2020-12797

EPSS 1.6%
HashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to non-propagation to secondary data centers. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.mdhttps://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.mdhttps://github.com/hashicorp/consul/pull/8047