Privilege Escalation Affecting github.com/hashicorp/consul/agent/structs Open this link in a new tab package, versions >=1.6.0-beta1 <1.6.6 >=1.7.0 <1.7.4


0.0
medium
  • Attack Complexity

    Low

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • snyk-id

    SNYK-GOLANG-GITHUBCOMHASHICORPCONSULAGENTSTRUCTS-572116

  • published

    12 Jun 2020

  • disclosed

    12 Jun 2020

  • credit

    Unknown

How to fix?

Upgrade github.com/hashicorp/consul/agent/structs to version 1.6.6, 1.7.4 or higher.

Overview

github.com/hashicorp/consul/agent/structs is a tool for service discovery and configuration.

Affected versions of this package are vulnerable to Privilege Escalation. Consul has two types of tokens, Global and Local. Local tokens are meant to only be resolvable and used within a single datacenter. Creation of local tokens is only allowed if either token replication is enabled in a secondary datacenter, or if the datacenter the token is scoped to is the primary. In a typical cluster we expect that either token replication is on in all datacenters or local tokens are not used at all.

When token replication is not enabled in a secondary datacenter, attempts to use a local token created in the primary are successful for operations targeting that secondary datacenter. Thus what was meant to be scoped to a single datacenter is valid in other datacenters.