CVE-2021-32575

6.5MEDIUM

Key Information

Vendor: Hashicorp
Status: Nomad
Vendor: CVE Published:; 17 June 2021

Summary

HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1.

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Jun 17, 2021
Vulnerability Reserved.
May 11, 2021

Collectors

NVD DatabaseMitre Database