CVE-2023-1299

Name of the Vulnerable Software and Affected Versions HashiCorp Nomad and Nomad Enterprise version 1.5.0

Description A job submitter can escalate to management-level privileges using workload identity and task API. This issue was introduced due to the exposure of the workload identity token to the workload, allowing access to Nomad HTTP API via a unix domain socket without configuring mTLS. The vulnerability can be exploited if the workload identity does not have any attached ACL policies.

Recommendations For HashiCorp Nomad and Nomad Enterprise version 1.5.0, consider upgrading to Nomad 1.5.1 or newer to resolve the issue. As a temporary workaround, evaluate the risk associated with this issue and consider restricting access to the workload identity and task API until the upgrade is applied.