CVE-2022-24683: 
Nomad vulnerability analysis and mitigation

HashiCorp Nomad and Nomad Enterprise versions 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 were affected by a security vulnerability that allows operators with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as root through the Nomad client agent. The vulnerability was discovered and disclosed on February 10, 2022, and was assigned identifier CVE-2022-24683. The issue was fixed in versions 1.0.18, 1.1.12, and 1.2.6 (HashiCorp Advisory).

The vulnerability stems from a flaw in Nomad's path validation logic related to the allocation directory functionality. Nomad creates a directory on the host filesystem for any task in a job, called an allocation directory, and provides an API to read files in this directory when operators have the appropriate permissions. The vulnerability received a CVSS v3.1 score of 7.5 (HIGH) with a vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (NetApp Advisory).

When successfully exploited, this vulnerability allows unauthorized access to sensitive files on the host system with root privileges. The impact is primarily focused on the confidentiality aspect, as it enables reading arbitrary files from the host filesystem, potentially exposing sensitive system information (HashiCorp Advisory).

The recommended mitigation is to upgrade to the fixed versions: Nomad or Nomad Enterprise 1.2.6, 1.1.12, or 1.0.18 or newer. Users should follow the general guidance and version-specific upgrade notes provided in the Nomad documentation (HashiCorp Advisory).