CVE-2021-38698

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-38698
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-38698.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-38698
Aliases
Downstream
Related
Published
2021-09-07T12:15:07.930Z
Modified
2026-02-03T07:27:06.808349Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. Fixed in 1.8.15, 1.9.9 and 1.10.2.

References

Affected packages

Git / github.com/hashicorp/consul

Affected ranges

Type
GIT
Repo
https://github.com/hashicorp/consul
Events
Introduced
27de64da7095570012e9f8f7aec16aaf66d2a773
Fixed
3cb6eeedbda90aad6b387b89917971086d6cf6b5
Fixed
a4f67ec2bffec430e6677dc5a449e89b9b56aa13
Introduced
a417fe51040a33039d3282e31c6c6b6f4fd1f886
Fixed
b0906b5bb0b6df6149aa1645d331030f5e85be30

Affected versions

api/v1.*
api/v1.8.1
api/v1.9.1
v1.*
v1.10.0
v1.10.1
v1.10.1-beta1
v1.9.0
v1.9.1
v1.9.2
v1.9.3
v1.9.4
v1.9.5
v1.9.6
v1.9.7
v1.9.8

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-38698.json"