CVE-2020-28053
Published
CVSS v3
6.5
MEDIUM
CVSS v2
4
MEDIUM
Affected
1
PROJECT
Description
HashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed operators with operator:read ACL permissions to read the Connect CA private key configuration. Fixed in 1.6.10, 1.7.10, and 1.8.6.
Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.
GitHub