CVE-2019-9764 is a vulnerability in HashiCorp Consul
Published on March 26, 2019
HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In other words, the product behaves as if verify_server_hostname were set to false, even when it is actually set to true. This is fixed in 1.4.4.
Products Associated with CVE-2019-9764
Want to know whenever a new CVE is published for HashiCorp Consul? stack.watch will email you.
Exploit Probability
EPSS
0.18%
Percentile
39.83%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.