CVE-2021-36213

Published: 2021-07-17T18:15Z

Last Modified: 2024-11-21T06:13Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt