
CVE-2020-7955:
Incorrect Authorization in HashiCorp Consul

CVSS Score (v3.1): 5.3

Basic Information

EPSS Score: 0.55478%
Published: 7/28/2021
Updated: 2/1/2023
KEV Status: No
Technology: Go

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Package Name | Ecosystem | Vulnerable Versions | First Patched Version
github.com/hashicorp/consul | go | >= 1.4.1, <= 1.6.2 | 1.6.3

Vulnerability Intelligence
Root Cause Analysis (Miggo AI)

The fix adds ACL token parsing and an authorization check to both the AgentHealthServiceByID and AgentHealthServiceByName handlers in agent_endpoint.go; the commit message states explicitly that these endpoints were missing ACL enforcement. The affected code is the HTTP handlers behind /v1/agent/health/service/id/{id} and /v1/agent/health/service/name/{name}. In vulnerable versions they returned a service's health-check state to any caller who could reach the agent's HTTP API: no token was required (PR:N in the vector) and no service:read permission was checked, which is the limited-confidentiality impact (C:L) recorded above; nothing could be modified through these endpoints (I:N, A:N). In runtime profiles of a vulnerable agent these handlers are the functions seen serving such unauthorized requests. The gap only matters on agents running with ACLs enabled and a default-deny policy; with ACLs disabled the agent API is open by design. Practical check: on a patched agent (1.6.3 or later) with default-deny ACLs, an unauthenticated GET to either path should come back with 403 Permission denied rather than a health response.
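The shape of the bug and of the fix, as an added Go example. This is a simplified reconstruction written for this page, not Consul's own code: the Agent and ServiceHealth types, the serviceRead token store, canRead and probe are all assumptions standing in for Consul's ACL resolver and its service:read policy rule, and the registered services and the token secret are constructed sample data. vulnerableHealthByID has the pre-1.6.3 shape described above (lookup, then respond, with no token parsing and no ACL check); fixedHealthByID adds the two steps the patch adds. The by-name handler gets the same treatment, with the one difference that the service name is already in the URL, so its check can run before any lookup.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// ServiceHealth is a constructed, simplified stand-in for the payload the agent
// health endpoints return; it is not Consul's real type.
type ServiceHealth struct {
	ServiceID   string `json:"ServiceID"`
	ServiceName string `json:"ServiceName"`
	Status      string `json:"Status"`
}

// Agent holds constructed sample state: services keyed by service ID, and a
// hypothetical token store mapping a token secret to the service names it may
// read (a stand-in for Consul's ACL resolver and the service:read policy rule).
type Agent struct {
	services    map[string]ServiceHealth
	serviceRead map[string]map[string]bool
}

func newSampleAgent() *Agent {
	return &Agent{
		services: map[string]ServiceHealth{
			"web-1":   {ServiceID: "web-1", ServiceName: "web", Status: "passing"},
			"vault-1": {ServiceID: "vault-1", ServiceName: "vault", Status: "critical"},
		},
		serviceRead: map[string]map[string]bool{
			"web-reader-secret": {"web": true}, // reads "web" only; other tokens read nothing
		},
	}
}

const idPrefix = "/v1/agent/health/service/id/"

// canRead parses the token (X-Consul-Token header or ?token= query parameter,
// the usual places Consul clients carry it) and decides service:read for one
// service name. A missing or unknown token indexes a nil map, which reads as
// false, so the default is deny.
func (a *Agent) canRead(r *http.Request, serviceName string) bool {
	token := r.Header.Get("X-Consul-Token")
	if token == "" {
		token = r.URL.Query().Get("token")
	}
	return a.serviceRead[token][serviceName]
}

// vulnerableHealthByID reproduces the pre-1.6.3 shape described on this page:
// the record goes to any caller, with no token parsing and no ACL check.
func (a *Agent) vulnerableHealthByID(w http.ResponseWriter, r *http.Request) {
	svc, ok := a.services[strings.TrimPrefix(r.URL.Path, idPrefix)]
	if !ok {
		http.NotFound(w, r)
		return
	}
	_ = json.NewEncoder(w).Encode(svc)
}

// fixedHealthByID resolves the ID to a service, then requires service:read on
// the service's name before disclosing anything about its health.
func (a *Agent) fixedHealthByID(w http.ResponseWriter, r *http.Request) {
	svc, ok := a.services[strings.TrimPrefix(r.URL.Path, idPrefix)]
	if !ok {
		http.NotFound(w, r)
		return
	}
	if !a.canRead(r, svc.ServiceName) {
		http.Error(w, "Permission denied", http.StatusForbidden)
		return
	}
	_ = json.NewEncoder(w).Encode(svc)
}

// probe drives a handler in-process and returns the status a caller holding the
// given token receives for the given path, so the comparison runs offline.
func probe(handler http.HandlerFunc, path, token string) int {
	req := httptest.NewRequest(http.MethodGet, path, nil)
	if token != "" {
		req.Header.Set("X-Consul-Token", token)
	}
	rec := httptest.NewRecorder()
	handler(rec, req)
	return rec.Code
}

func main() {
	a := newSampleAgent()
	fmt.Println("vulnerable, no token:", probe(a.vulnerableHealthByID, idPrefix+"vault-1", "")) // 200: status leaks
	fmt.Println("fixed, no token:     ", probe(a.fixedHealthByID, idPrefix+"vault-1", ""))      // 403
}
```

Note the ordering in fixedHealthByID: the lookup has to happen before the check because the permission is keyed on the service name, not the ID, so an unauthenticated caller can still distinguish 404 from 403 and learn whether an ID exists. That is how the real endpoint behaves too; only the health data itself is what the CVE protects.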


WAF Protection Rules

WAF Rule

HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3.
