Skip to main content

Unchecked Return Value


Severity Medium
Score 6.5/10


HashiCorp Consul and Consul Enterprise versions through 1.11.8, 1.12.x through 1.12.4 and 1.13.x through 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2.

  • LOW
  • HIGH
  • NONE
  • LOW
  • NONE
  • NONE

CWE-252 - Unchecked Return Value

The software does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

Advisory Timeline

  • Published