ARP Spoofing Vulnerability in HashiCorp Nomad and Nomad Enterprise

ARP Spoofing Vulnerability in HashiCorp Nomad and Nomad Enterprise

CVE-2021-32575 · MEDIUM Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1.

Learn more about our Network Penetration Testing.