CVE-2023-3300

Summary

CVE-2023-3300: A vulnerability was discovered in HashiCorp Nomad and Nomad Enterprise versions 0.11.0 to 1.5.6 and 1.4.1. This issue affects the HTTP search API, allowing unauthenticated users or users without the required permissions to reveal the names of available Container Storage Interface (CSI) plugins. This information disclosure could potentially be exploited by an attacker to gain insights into the system's configuration and potentially launch further attacks. The vulnerability has been addressed in versions 1.6.0, 1.5.7, and 1.4.1.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.