Bug 2252882 (CVE-2023-5332) - CVE-2023-5332 consul: Command injection through script checks option
Summary: CVE-2023-5332 consul: Command injection through script checks option
Keywords:
Status: NEW
Alias: CVE-2023-5332
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2252883 2252886 2252887 2256522 2256524 2252888 2256521 2256523 2256525 2256526 2256527 2256528 2256529 2256530 2256531 2256532 2256533 2256534 2256535 2256536
Blocks: 2252890
Reported: 2023-12-05 05:38 UTC by Pedro Sampaio
Modified: 2024-02-20 19:27 UTC

Fixed In Version: consul 1.2.4, consul 1.1.1, consul 1.0.8, consul 0.9.4
Doc Type: ---
Doc Text:
A command injection flaw was found in HashiCorp's Consul script check configuration option. If the API is enabled and exposed through a public interface, it is possible to achieve remote code execution.
Clone Of:
Environment:
Last Closed:
Embargoed:


Description Pedro Sampaio 2023-12-05 05:38:04 UTC
Patch in third party library Consul requires 'enable-script-checks' to be set to False. This was required to enable a patch by the vendor. Without this setting the patch could be bypassed. This only affects GitLab-EE.

References:

https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8171
https://www.hashicorp.com/blog/protecting-consul-from-rce-risk-in-specific-configurations
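An added defender-side check, not from this report or from Consul's own code: it reads a Consul agent JSON configuration and flags the combination the Doc Text describes, script checks enabled while the HTTP API binds beyond loopback, using constructed sample configs. The `enable_script_checks`, `enable_local_script_checks` and `client_addr` keys are Consul's agent configuration keys; the audit function and its wording are assumptions made here.

```python
import json

# Constructed sample agent configs (not taken from the report).
# Weak: script checks enabled and the HTTP API bound to every interface.
WEAK_CONFIG = json.dumps({
    "client_addr": "0.0.0.0",
    "enable_script_checks": True,
})
# Hardened: API-driven script checks off; only checks defined in local
# config files may run (enable_local_script_checks), API on loopback.
HARDENED_CONFIG = json.dumps({
    "client_addr": "127.0.0.1 ::1",
    "enable_script_checks": False,
    "enable_local_script_checks": True,
})

LOOPBACK = {"127.0.0.1", "::1", "localhost"}


def audit_script_checks(config_text: str) -> list[str]:
    """Return findings for a Consul agent config (hypothetical helper).

    Finding 1: enable_script_checks is true, so checks registered through
    the API can execute commands on the agent host.
    Finding 2: that setting combined with a client_addr that is not purely
    loopback, i.e. the API is reachable from the network.
    """
    cfg = json.loads(config_text)
    findings = []
    script_checks = bool(cfg.get("enable_script_checks", False))
    # client_addr is the bind address for the HTTP API; Consul defaults to
    # loopback and accepts a space-separated list of addresses.
    client_addr = str(cfg.get("client_addr", "127.0.0.1"))
    public = any(addr not in LOOPBACK for addr in client_addr.split())
    if script_checks:
        findings.append(
            "enable_script_checks=true: API-registered checks can run commands")
    if script_checks and public:
        findings.append(
            f"client_addr={client_addr}: script checks reachable from the network")
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit_script_checks(cfg) or ["no findings"])
```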

Comment 1 Pedro Sampaio 2023-12-05 05:38:33 UTC
Created golang-github-hashicorp-consul-api tracking bugs for this issue:

Affects: fedora-all [bug 2252883]

Comment 3 Pedro Sampaio 2023-12-05 05:53:31 UTC
Created golang-github-hashicorp-consul tracking bugs for this issue:

Affects: fedora-all [bug 2252887]


Created golang-github-prometheus tracking bugs for this issue:

Affects: epel-all [bug 2252886]

