Privilege Escalation Vulnerability in HashiCorp Nomad Allocations
CVE-2024-12678
6.5MEDIUM
What is CVE-2024-12678?
The vulnerability identified as CVE-2024-12678 affects HashiCorp's Nomad Community and Enterprise editions, enabling privilege escalation within a namespace due to the exposure of unredacted workload identity tokens. This security flaw can potentially allow an attacker to gain elevated permissions, compromising the integrity and security of the affected system. The issue has been addressed in the latest versions released by HashiCorp, ensuring that users can secure their environments and maintain operational safety.
Affected Version(s)
Nomad 64 bit 1.4.0 < 1.9.4
Nomad Enterprise 64 bit 1.4.0 < 1.9.4