CVE-2021-37218

HIGH8.8EPSS 0.19%

Privilege escalation in Hashicorp Nomad

Published: 9/8/2021Modified: 8/21/2024

Also known as:GHSA-c8x3-rg72-fwwgGO-2022-0591

Description

HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.0.10 and 1.1.4.

Affected packages (2)

Go/github.com/hashicorp/nomadfrom 0, < 1.0.10
Go/github.com/hashicorp/nomadfrom 0, < 1.0.10, >= 1.1.0, < 1.1.4

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References (5)

ADVISORYhttps://github.com/advisories/GHSA-c8x3-rg72-fwwg
ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-37218
PATCHhttps://github.com/hashicorp/nomad
WEBhttps://discuss.hashicorp.com/t/hcsec-2021-21-nomad-raft-rpc-privilege-escalation/29023
WEBhttps://www.hashicorp.com/blog/category/nomad