Wiz
Vulnerability DatabaseCVE-2022-29153

CVE-2022-29153
Consul vulnerability analysis and mitigation

Overview

A vulnerability (CVE-2022-29153) was identified in HashiCorp Consul and Consul Enterprise affecting versions up to 1.9.16, 1.10.9, and 1.11.4. The vulnerability was discovered and disclosed on April 15, 2022, where HTTP health check endpoints returning an HTTP redirect could be abused as a vector for server-side request forgery (SSRF). This issue was fixed in versions 1.9.17, 1.10.10, and 1.11.5 (HashiCorp Advisory).

Technical details

The vulnerability occurs when the Consul client agent follows redirects returned by HTTP health check endpoints. Consul provides health checking functionality that can target HTTP endpoints to monitor service status, which can be defined in the Consul configuration file or added at runtime over the HTTP interface. The vulnerability has a CVSS v3.1 Base Score of 7.5 (HIGH) with a vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N, indicating network accessibility with low attack complexity and no required privileges (NVD).

Impact

The vulnerability could lead to the bypass of application isolation, particularly in multi-tenant environments where checks may be defined by parties across trust boundaries. The Consul client agent health check could serve as a proxy to send requests to arbitrary HTTP endpoints, potentially resulting in the addition or modification of data (NetApp Advisory).

Mitigation and workarounds

HashiCorp has introduced a disable_redirects option in the HTTP + Interval health check configuration to prohibit redirect following behavior. While this option defaults to false, it is recommended to set it to true after upgrading to the fixed versions. Users should upgrade to Consul or Consul Enterprise versions 1.9.17, 1.10.10, and 1.11.5 or newer (HashiCorp Advisory).

Community reactions

The vulnerability was identified by the Offensive Security Research Unit at Ronin and responsibly disclosed to HashiCorp. Various organizations including NetApp, Gentoo Linux, and Fedora have issued their own security advisories and patches in response to this vulnerability (Gentoo Advisory, NetApp Advisory).

Additional resources

SourceThis report was generated using AI

Related Consul vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-11375MEDIUM6.5
  • ConsulConsul
  • consul
NoYesOct 28, 2025
CVE-2025-11374MEDIUM6.5
  • ConsulConsul
  • github.com/hashicorp/consul
NoYesOct 28, 2025
CVE-2024-10086MEDIUM6.1
  • ConsulConsul
  • consul
NoYesOct 30, 2024
CVE-2024-10006MEDIUM5.8
  • ConsulConsul
  • consul-1.21
NoYesOct 30, 2024
CVE-2024-10005MEDIUM5.8
  • ConsulConsul
  • consul-1.21
NoYesOct 30, 2024

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo