CVE-2021-32574

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-32574
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-32574.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-32574
Aliases
Downstream
Related
Published
2021-07-17T18:15:07.723Z
Modified
2026-05-18T21:06:56.623437Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1.

References

Affected packages

Git / github.com/hashicorp/consul

Affected ranges

Type
GIT
Repo
https://github.com/hashicorp/consul
Events
Introduced
e8757838a49feeb682c7e6ad6b78694a78b2096b
Fixed
1061f92a96ada572aefa6dbb7fd10e3ce0e8b90d
Introduced
a417fe51040a33039d3282e31c6c6b6f4fd1f886
Fixed
debb13e91861642efe80f19440ab6fecf4b93be8
Introduced
27de64da7095570012e9f8f7aec16aaf66d2a773
Fixed
db839f18ba4796df77601bfe9873756ed340525d
Database specific 
{
    "source": [
        "CPE_FIELD",
        "REFERENCES"
    ],
    "cpe": [
        "cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*",
        "cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "1.3.0"
        },
        {
            "fixed": "1.8.14"
        },
        {
            "introduced": "1.9.0"
        },
        {
            "fixed": "1.9.8"
        },
        {
            "introduced": "1.10.0"
        },
        {
            "fixed": "1.10.1"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-32574.json"