Privilege Escalation in HashiCorp Nomad and Nomad Enterprise
CVE-2021-37218

8.8HIGH

Key Information:

Vendor: Hashicorp
Status: Nomad
Vendor: CVE Published:; 7 September 2021

Summary

The Raft RPC layer in HashiCorp Nomad and Nomad Enterprise has a vulnerability that allows non-server agents with valid certificates, signed by the same Certificate Authority (CA), to access functionalities typically reserved for server-only operations. This could result in unauthorized privilege escalation, potentially compromising the security of deployments. Users should ensure they update to version 1.0.10 or 1.1.4 to mitigate this risk.

References

https://www.hashicorp.com/blog/category/nomad

x_refsource_MISC

https://discuss.hashicorp.com/t/hcsec-2021-21-nomad-raft-...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 7, 2021
Vulnerability Reserved
Jul 21, 2021