Security Advisory

CVE-2024-12678

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-20 01:49:40

Last updated 2024-12-20 17:08:12

Assigner HashiCorp

State PUBLISHED

Description

Nomad Community and Nomad Enterprise ("Nomad") allocations are vulnerable to privilege escalation within a namespace through unredacted workload identity tokens. This vulnerability, identified as CVE-2024-12678, is fixed in Nomad Community Edition 1.9.4 and Nomad Enterprise 1.9.4, 1.8.8, and 1.7.16.

← Browse all CVEs View on cve.org ↗