HashiCorp Consul Token Privilege Escalation Vulnerability [CVE-2019-8336]

CVE Number – CVE-2019-8336

A vulnerability in HashiCorp Consul could allow an unauthenticated, remote attacker to bypass access restrictions on a targeted system.The vulnerability is due to improper access controls that are performed by the affected software when validating Access Control List (ACL) tokens. An attacker could exploit this vulnerability by injecting a token with <hidden> as its secret into the targeted system. A successful exploit could allow the attacker to bypass access restrictions within secondary data centers and gain arbitrary ACL token privileges.HashiCorp has confirmed the vulnerability and released software updates.

Analysis

• To exploit this vulnerability, an attacker must send a token with <hidden> as its secret to the targeted system, making exploitation more difficult in environments that restrict network access from untrusted sources.

Safeguards

• Administrators are advised to contact the vendor regarding future updates and releases.Administrators are advised to allow only trusted users to have network access.Administrators are advised to run both firewall and antivirus applications to minimize the potential of inbound and outbound threats.Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.Administrators can help protect affected systems from external attacks by using a solid firewall strategy.Administrators are advised to monitor affected systems.

Vendor Announcements

• HashiCorp has released an issue report at the following link: Issue 5423

Fixed Software

• HashiCorp has released a software update at the following link: HashiCorp Consul 1.4.3