SB2023081013 - Multiple vulnerabilities in Consul Enterprise
Published: August 10, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Cross-site scripting (CVE-ID: CVE-2023-3978)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
2) Improper Neutralization of HTTP Headers for Scripting Syntax (CVE-ID: CVE-2023-29406)
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to improper input validation in HTTP/1 client when handling HTTP Host header. A remote non-authenticated attacker can send a specially crafted HTTP request with a maliciously crafted Host header and inject additional headers or entire requests.
Successful exploitation of the vulnerability may allow an attacker to perform cross-site scripting, cache poisoning or session hijacking attacks.
3) Improper Certificate Validation (CVE-ID: CVE-2023-29409)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to verifying certificate chains containing large RSA keys is slow. A remote attacker can cause a client/server to expend significant CPU time verifying signatures.
Remediation
Install update from vendor's website.
References
- https://github.com/hashicorp/consul/releases/tag/v1.14.9"
- https://github.com/hashicorp/consul/releases/tag/v1.14.9</a></p><p><a
- https://github.com/hashicorp/consul/releases/tag/v1.16.1"
- https://github.com/hashicorp/consul/releases/tag/v1.16.1</a></p><p>
- https://github.com/hashicorp/consul/releases/tag/v1.15.5</p><p><br></p>