HashiCorp disclosed a critical security flaw (CVE-2025-4922) in its Nomad workload orchestration tool on June 11, 2025, exposing clusters to privilege escalation risks through improper ACL policy enforcement. The vulnerability, rated 8.1 CVSS, enables attackers to bypass namespace restrictions via strategic job naming conventions. Technical Analysis Nomad’s Access Control List (ACL) system uses prefix-based matching […] The post HashiCorp Nomad ACL Lookup Flaw Allows Privilege Escalation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/hashicorp-nomad-acl-lookup/
