Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-6978-zhdf-w7au
Vulnerability ID VCID-6978-zhdf-w7au
Aliases CVE-2024-23322
Summary Multiple vulnerabilities have been discovered in HashiCorp Consul, the worst of which could result in denial of service.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
cvssv3 5.9 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23322.json
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2024-23322
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2024-23322
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2024-23322
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2024-23322
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2024-23322
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2024-23322
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2024-23322
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2024-23322
epss 0.00086 https://api.first.org/data/v1/epss?cve=CVE-2024-23322
cvssv3.1 7.5 https://github.com/envoyproxy/envoy/commit/843f9e6a123ed47ce139b421c14e7126f2ac685e
ssvc Track https://github.com/envoyproxy/envoy/commit/843f9e6a123ed47ce139b421c14e7126f2ac685e
cvssv3.1 7.5 https://github.com/envoyproxy/envoy/security/advisories/GHSA-6p83-mfmh-qv38
ssvc Track https://github.com/envoyproxy/envoy/security/advisories/GHSA-6p83-mfmh-qv38
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23322.json
https://api.first.org/data/v1/epss?cve=CVE-2024-23322
2259233 https://bugzilla.redhat.com/show_bug.cgi?id=2259233
843f9e6a123ed47ce139b421c14e7126f2ac685e https://github.com/envoyproxy/envoy/commit/843f9e6a123ed47ce139b421c14e7126f2ac685e
GHSA-6p83-mfmh-qv38 https://github.com/envoyproxy/envoy/security/advisories/GHSA-6p83-mfmh-qv38
GLSA-202412-14 https://security.gentoo.org/glsa/202412-14
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23322.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/envoyproxy/envoy/commit/843f9e6a123ed47ce139b421c14e7126f2ac685e
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-12T19:07:29Z/ Found at https://github.com/envoyproxy/envoy/commit/843f9e6a123ed47ce139b421c14e7126f2ac685e
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/envoyproxy/envoy/security/advisories/GHSA-6p83-mfmh-qv38
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-12T19:07:29Z/ Found at https://github.com/envoyproxy/envoy/security/advisories/GHSA-6p83-mfmh-qv38
Exploit Prediction Scoring System (EPSS)
Percentile 0.24971
EPSS Score 0.00086
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:02:15.836417+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/202412-14 38.0.0