CVE-2020-13250

HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service. Fixed in 1.6.6 and 1.7.4.
References
Link Resource
https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md Release Notes Third Party Advisory
https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md Release Notes Third Party Advisory
https://github.com/hashicorp/consul/pull/8023 Patch Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*
cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:*
cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*

Information

Published : 2020-06-11 13:15

Updated : 2021-07-21 04:39


NVD link : CVE-2020-13250

Mitre link : CVE-2020-13250


JSON object : View

CWE
CWE-770

Allocation of Resources Without Limits or Throttling

Advertisement

dedicated server usa

Products Affected

hashicorp

  • consul