CVE-2020-25201 – HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespac

HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5.

 

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25201

Reference (s):

• https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#185-october-23-2020
• https://www.hashicorp.com/blog/category/consul