PT-2020-10282 · Hashicorp · Hashicorp Sentinel

Published

2020-02-14

·

Updated

2020-02-25

·

CVE-2019-19879

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions HashiCorp Sentinel versions up to 0.10.1
Description The issue concerns the incorrect parsing of negation in certain policy expressions. This was fixed in version 0.10.2.
Recommendations For HashiCorp Sentinel versions up to 0.10.1, update to version 0.10.2 to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2019-19879

Affected Products

Hashicorp Sentinel