CVE-2025-4922 | HashiCorp Nomad/Nomad Enterprise up to 1.10.1 Prefix-based ACL Policy Lookup privileges assignment

Inserito da Angelo Barbosa | Giu 11, 2025 | CVE

A vulnerability, which was classified as critical, has been found in HashiCorp Nomad and Nomad Enterprise up to 1.10.1. Affected by this issue is some unknown functionality of the component Prefix-based ACL Policy Lookup. The manipulation leads to incorrect privilege assignment.

This vulnerability is handled as CVE-2025-4922. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-4922 | HashiCorp Nomad/Nomad Enterprise up to 1.10.1 Prefix-based ACL Policy Lookup privileges assignment

Post correlati

CVE-2022-41951 | oroinc OroPlatform up to 4.1.13/4.2.10/5.0.8 getTemporaryFileName path traversal (GHSA-9v3j-4j64-p937)

CVE-2024-35692 | Termly Cookie Consent Plugin up to 3.2 on WordPress authorization

CVE-2024-23514 | ClickToTweet Click To Tweet Plugin up to 2.0.14 on WordPress cross site scripting

CVE-2024-49818 | IBM Security Guardium Key Lifecycle Manager 4.1/4.1.1/4.2.0/4.2.1 information exposure