| Name | CVE-2021-37218 |
| Description | HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.0.10 and 1.1.4. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more) |
| Debian Bugs | 1021273 |
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| nomad (PTS) | sid, bullseye | 0.12.10+dfsg1-3 | vulnerable |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| nomad | source | (unstable) | (unfixed) | 1021273 |
[bullseye] - nomad <no-dsa> (Minor issue)
https://discuss.hashicorp.com/t/hcsec-2021-21-nomad-raft-rpc-privilege-escalation/29023
https://github.com/hashicorp/nomad/pull/11089 (main)
https://github.com/hashicorp/nomad/commit/768d7c72a77e9c0415d92900753fc83e8822145a (release-1.1.4)
https://github.com/hashicorp/nomad/commit/61a922afcf12784281757402c8e0b61686ff855d (release-1.0.11)