SB2024021507 - Multiple vulnerabilities in HashiCorp Consul
Published: February 15, 2024 Updated: December 6, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 6 secuirty vulnerabilities.
1) Improper Authentication (CVE-ID: CVE-2024-23324)
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an authentication bypass when proxy protocol filter sets invalid UTF-8 metadata. A remote attacker can bypass external authentication by downstream connections that use PROXY protocol.
2) Uncaught Exception (CVE-ID: CVE-2024-23325)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to uncaught exception in proxy protocol when using an address type that is not supported by the OS. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
3) Use-after-free (CVE-ID: CVE-2024-23322)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error when idle and request per try timeout occur within the backoff interval. A remote attacker can cause a denial of service condition on the target system.
4) Inefficient CPU Computation (CVE-ID: CVE-2024-23323)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the excessive CPU usage when URI template matcher is configured using regex. A remote attacker can perform a denial of service (DoS) attack.
5) NULL pointer dereference (CVE-ID: CVE-2024-23327)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in proxy protocol when command type of LOCAL. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
6) Resource exhaustion (CVE-ID: CVE-2023-44487)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improperly control of consumption for internal resources when handling HTTP/2 requests with compressed HEADERS frames. A remote attacker can send a sequence of compressed HEADERS frames followed by RST_STREAM frames and perform a denial of service (DoS) attack, a.k.a. "Rapid Reset".
Note, the vulnerability is being actively exploited in the wild.
Remediation
Install update from vendor's website.
References
- https://github.com/hashicorp/consul/releases/tag/v1.17.3"
- https://github.com/hashicorp/consul/releases/tag/v1.17.3</a></p><p><a
- https://github.com/hashicorp/consul/releases/tag/v1.16.6"
- https://github.com/hashicorp/consul/releases/tag/v1.16.6</a></p><p>
- https://github.com/hashicorp/consul/releases/tag/v1.15.10</p><p><br></p>