Panic Vulnerability in HashiCorp Nomad and Nomad Enterprise

Panic Vulnerability in HashiCorp Nomad and Nomad Enterprise

CVE-2022-24684 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

HashiCorp Nomad and Nomad Enterprise 0.9.0 through 1.0.16, 1.1.11, and 1.2.5 allow operators with job-submit capabilities to use the spread stanza to panic server agents. Fixed in 1.0.18, 1.1.12, and 1.2.6.

Learn more about our Cis Benchmark Audit For Server Software.