CVE-2021-32574 is a vulnerability in HashiCorp Consul
Published on July 17, 2021
HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1.
Products Associated with CVE-2021-32574
Want to know whenever a new CVE is published for HashiCorp Consul? stack.watch will email you.
Exploit Probability
EPSS
0.80%
Percentile
73.82%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.