Vulnerabilities > Hashicorp > Nomad > 1.2.15

DATE CVE VULNERABILITY TITLE RISK
2023-07-20 CVE-2023-3072 Missing Authorization vulnerability in Hashicorp Nomad
HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results.
network
low complexity
hashicorp CWE-862
3.8
3.8
2023-07-20 CVE-2023-3299 Exposure of Resource to Wrong Sphere vulnerability in Hashicorp Nomad
HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results.
network
low complexity
hashicorp CWE-668
2.7
2.7
2023-07-20 CVE-2023-3300 Missing Authorization vulnerability in Hashicorp Nomad
HashiCorp Nomad and Nomad Enterprise 0.11.0 up to 1.5.6 and 1.4.1 HTTP search API can reveal names of available CSI plugins to unauthenticated users or users without the plugin:read policy.
network
low complexity
hashicorp CWE-862
5.3
5.3