Security Advisory

CVE-2023-3300

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-19 23:35:26

Last updated 2024-10-24 19:48:48

Assigner HashiCorp

State PUBLISHED

Description

HashiCorp Nomad and Nomad Enterprise 0.11.0 up to 1.5.6 and 1.4.1 HTTP search API can reveal names of available CSI plugins to unauthenticated users or users without the plugin:read policy. Fixed in 1.6.0, 1.5.7, and 1.4.1.

← Browse all CVEs View on cve.org ↗