{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T07:48:55.534","vulnerabilities":[{"cve":{"id":"CVE-2022-30324","sourceIdentifier":"cve@mitre.org","published":"2022-06-02T14:15:52.623","lastModified":"2024-11-21T07:02:35.193","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation through the artifact stanza in submitted jobs onto the client agent host. Fixed in 1.1.14, 1.2.8, and 1.3.1."},{"lang":"es","value":"HashiCorp Nomad y Nomad Enterprise versiones 0.2.0 hasta 1.3.0, fueron impactados por vulnerabilidades de go-getter que permiten una escalada de privilegios mediante la estrofa de artefactos en los trabajos enviados en el host del agente cliente. Corregido en versiones 1.1.14, 1.2.8 y 1.3.1"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hashicorp:nomad:*:*:*:*:-:*:*:*","versionStartIncluding":"0.2.0","versionEndExcluding":"1.1.14","matchCriteriaId":"0565C9C3-D9AD-4369-AC9D-0A9EEA15B965"},{"vulnerable":true,"criteria":"cpe:2.3:a:hashicorp:nomad:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"0.2.0","versionEndExcluding":"1.1.14","matchCriteriaId":"0B626D53-8C55-46D5-BF2B-68C9C612E05E"},{"vulnerable":true,"criteria":"cpe:2.3:a:hashicorp:nomad:*:*:*:*:-:*:*:*","versionStartIncluding":"1.2.0","versionEndExcluding":"1.2.8","matchCriteriaId":"4F762BB6-F50B-4C8F-A653-B0DBE95D70EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:hashicorp:nomad:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"1.2.0","versionEndExcluding":"1.2.8","matchCriteriaId":"52A06812-2E7B-41F5-A937-074E0CE8D898"},{"vulnerable":true,"criteria":"cpe:2.3:a:hashicorp:nomad:1.3.0:*:*:*:-:*:*:*","matchCriteriaId":"184D1FED-0AF8-4C3B-B8C2-C60341122D0B"},{"vulnerable":true,"criteria":"cpe:2.3:a:hashicorp:nomad:1.3.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"6709CCD0-3946-482F-B6A7-42BA93A46574"}]}]}],"references":[{"url":"https://discuss.hashicorp.com","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://discuss.hashicorp.com/t/hcsec-2022-14-nomad-impacted-by-go-getter-vulnerabilities/39932","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://discuss.hashicorp.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://discuss.hashicorp.com/t/hcsec-2022-14-nomad-impacted-by-go-getter-vulnerabilities/39932","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}