PT-2020-19472 · HashiCorp · Nomad+1

Published 2020-01-31 · Updated 2024-08-21 · CVE-2020-7218

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

HashiCorp Nomad and Nomad Enterprise versions prior to 0.10.3

Description

The affected versions allow unbounded resource usage and are susceptible to unauthenticated denial of service. This affects the HTTP/RPC services.

Recommendations

For versions prior to 0.10.3, update to version 0.10.3 to resolve the issue. As a temporary workaround, consider restricting access to the HTTP/RPC services to minimize the risk of exploitation.

Fix

Allocation of Resources Without Limits

Resource Exhaustion

Weakness Enumeration

Related Identifiers

CVE-2020-7218
GHSA-H43V-26R7-7J4C
GO-2022-0840

Affected Products

Nomad
Nomad Enterprise