HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5.
                
            References
                    Configurations
                    Configuration 1 (hide)
| 
 | 
Configuration 2 (hide)
| 
 | 
History
                    No history.
Information
                Published : 2022-04-19 16:17
Updated : 2024-11-21 06:58
NVD link : CVE-2022-29153
Mitre link : CVE-2022-29153
CVE.ORG link : CVE-2022-29153
JSON object : View
Products Affected
                hashicorp
- consul
fedoraproject
- fedora
CWE
                
                    
                        
                        CWE-918
                        
            Server-Side Request Forgery (SSRF)
