FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

consul -- Fix Consul Connect CA private key configuration

Affected packages
consul < 1.9.0


VuXML ID 8d17229f-3054-11eb-a455-ac1f6b16e566
Discovery 2020-11-02
Entry 2020-12-06

Hashicorp reports:

Increase the permissions to read from the /connect/ca/configuration endpoint to operator:write. Previously Connect CA configuration, including the private key, set via this endpoint could be read back by an operator with operator:read privileges.


CVE Name CVE-2020-28053