CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-1299

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 36.7%

CVSS Severity

CVSS v3 Score 7.4

References

https://discuss.hashicorp.com/t/hcsec-2023-08-nomad-job-submitter-privilege-escalation-using-workload-identity/51389
https://discuss.hashicorp.com/t/hcsec-2023-08-nomad-job-submitter-privilege-escalation-using-workload-identity/51389

Products affected by CVE-2023-1299

Hashicorp » Nomad » Version: 1.5.0

cpe:2.3:a:hashicorp:nomad:1.5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-1299

Products

Pricing

Contact Us