{"id":"CVE-2022-24687","details":"HashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at least one Ingress Gateway allow a user with service:write to register a specifically-defined service that can cause Consul servers to panic. Fixed in 1.9.15, 1.10.8, and 1.11.3.","aliases":["BIT-consul-2022-24687","GHSA-hj93-5fg3-3chr","GO-2022-0953"],"modified":"2026-04-10T04:45:30.442840Z","published":"2022-02-24T16:15:08.197Z","references":[{"type":"ADVISORY","url":"https://discuss.hashicorp.com/t/hcsec-2022-05-consul-ingress-gateway-panic-can-shutdown-servers/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202208-09"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220331-0006/"},{"type":"ADVISORY","url":"https://discuss.hashicorp.com"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/hashicorp/consul","events":[{"introduced":"3111cb8c7df8545abaa0c96347996b5341ff625d"},{"fixed":"927778bd09be8d2c9025dc66d83d95e095424249"},{"introduced":"3111cb8c7df8545abaa0c96347996b5341ff625d"},{"fixed":"927778bd09be8d2c9025dc66d83d95e095424249"},{"introduced":"27de64da7095570012e9f8f7aec16aaf66d2a773"},{"fixed":"56171a4e791d6ee4308ec83c91736d079e627029"},{"introduced":"27de64da7095570012e9f8f7aec16aaf66d2a773"},{"fixed":"56171a4e791d6ee4308ec83c91736d079e627029"},{"introduced":"33a5f761316e03f2b16c6bd83e8d890d5e2f95e1"},{"fixed":"e319d7ed5f3a0fc31ca2621087f414f01df0b39f"},{"introduced":"33a5f761316e03f2b16c6bd83e8d890d5e2f95e1"},{"fixed":"e319d7ed5f3a0fc31ca2621087f414f01df0b39f"}],"database_specific":{"versions":[{"introduced":"1.8.0"},{"fixed":"1.9.15"},{"introduced":"1.8.0"},{"fixed":"1.9.15"},{"introduced":"1.10.0"},{"fixed":"1.10.8"},{"introduced":"1.10.0"},{"fixed":"1.10.8"},{"introduced":"1.11.0"},{"fixed":"1.11.3"},{"introduced":"1.11.0"},{"fixed":"1.11.3"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24687.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}