Privilege Escalation Affecting github.com/hashicorp/nomad package, versions >=1.5.0 <1.5.1
Snyk ID SNYK-GOLANG-GITHUBCOMHASHICORPNOMAD-3358955
- published 14 Mar 2023
- disclosed 14 Mar 2023
- credit tgross
Introduced: 14 Mar 2023
CVE-2023-1299
How to fix?
Upgrade github.com/hashicorp/nomad to version 1.5.1 or higher.
Overview
github.com/hashicorp/nomad is a workload orchestrator that can deploy a mix of microservice, batch, containerized, and non-containerized applications.
Affected versions of this package are vulnerable to Privilege Escalation via the workload identity. Nomad 1.5.0 introduced workload identities, which a running task can use to call the Nomad HTTP API over a Unix domain socket without configuring mTLS. In affected versions, a workload identity with no ACL policies attached was treated as a management token rather than as an identity with no permissions.
Because of this, any user with submit-job capabilities could escalate their privileges: submitting a job whose task calls the API through its unpolicied workload identity gives that task management-level access to the cluster, far beyond what the submitting user was granted.
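To make the flaw concrete, the following Go program is an added illustrative model of the token resolution described above, written for this page and not taken from Nomad's code base. The types (`Policy`, `WorkloadIdentity`, `ACL`), the resolver functions and the capability names are hypothetical simplifications; only the behaviour they contrast (an identity without policies resolving to management rights versus resolving to no rights) is what the advisory states. `CanEscalate` walks the attack path: a caller holding only `submit-job` in one namespace runs a job, and the job's task then authenticates with its own identity.

```go
package main

import "fmt"

// Illustrative model of the flaw in this advisory. This is not Nomad's own code:
// the types, names and the management-only check are hypothetical and exist only
// to show the difference between the vulnerable and the fixed resolution.

// Policy is a named ACL policy granting capabilities in one namespace (hypothetical shape).
type Policy struct {
	Name         string
	Namespace    string
	Capabilities []string
}

// WorkloadIdentity is what a task presents when it calls the API over the
// Unix domain socket: the job it belongs to and the policies bound to it.
type WorkloadIdentity struct {
	JobID    string
	Policies []Policy
}

// ACL is the resolved permission set for a caller. Management is true only
// for a management token, which bypasses every namespace check.
type ACL struct {
	Management bool
	Namespaces map[string][]string // namespace -> granted capabilities
}

// Allows reports whether the ACL grants capability in namespace ns.
func (a *ACL) Allows(ns, capability string) bool {
	if a.Management {
		return true
	}
	for _, c := range a.Namespaces[ns] {
		if c == capability {
			return true
		}
	}
	return false
}

// aclFromPolicies merges the bound policies into a non-management ACL.
func aclFromPolicies(ps []Policy) *ACL {
	acl := &ACL{Namespaces: map[string][]string{}}
	for _, p := range ps {
		acl.Namespaces[p.Namespace] = append(acl.Namespaces[p.Namespace], p.Capabilities...)
	}
	return acl
}

// ResolveVulnerable models the pre-1.5.1 behaviour the advisory describes:
// an identity with no bound policies falls through to a management ACL.
func ResolveVulnerable(wi *WorkloadIdentity) *ACL {
	if len(wi.Policies) == 0 {
		return &ACL{Management: true} // the bug: absence of policy treated as unlimited access
	}
	return aclFromPolicies(wi.Policies)
}

// ResolveFixed models the safe behaviour: no bound policies means no capabilities.
// Whether Nomad 1.5.1 implements its fix exactly this way is not stated on this page.
func ResolveFixed(wi *WorkloadIdentity) *ACL {
	if len(wi.Policies) == 0 {
		return &ACL{Namespaces: map[string][]string{}} // deny-all, never management
	}
	return aclFromPolicies(wi.Policies)
}

// CanEscalate simulates the attack path: a caller holding only submit-job in
// namespace "dev" submits a job, and the job's task then uses its workload
// identity, to which nobody attached a policy, against a management-only
// operation. It returns true when the task ends up with management rights
// the submitter never had.
func CanEscalate(resolve func(*WorkloadIdentity) *ACL) bool {
	submitter := aclFromPolicies([]Policy{{Name: "dev-deploy", Namespace: "dev", Capabilities: []string{"submit-job"}}})
	if !submitter.Allows("dev", "submit-job") || submitter.Management {
		return false // cannot run the job at all, or already holds management rights
	}
	task := &WorkloadIdentity{JobID: "escalate", Policies: nil} // constructed sample identity
	return resolve(task).Management
}

func main() {
	fmt.Println("vulnerable resolver lets a dev submitter reach management:", CanEscalate(ResolveVulnerable))
	fmt.Println("fixed resolver lets a dev submitter reach management:", CanEscalate(ResolveFixed))
}
```

The design point worth taking from the model is the fail-closed default: the resolver must map "no policies" to an ACL that allows nothing, never to the special management case. When auditing a cluster, the equivalent check is whether any job's identity can call endpoints that only a management token should reach; on an affected version the answer is yes for every job without an attached policy, regardless of the submitter's own rights.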