HashiCorp Nomad Enterprise Policy Override Vulnerability Bypasses Mandatory Sentinel Policies
Vulnerability
A vulnerability in HashiCorp Nomad Enterprise job submission allows the policy override option to bypass mandatory Sentinel policies. This issue is present in Nomad Enterprise versions prior to 1.10.0, 1.9.8, and 1.8.12. It arises because hard mandatory Sentinel policies, which are designed never to be overridable, could be ignored when the policy-override flag was set during job submission, leading to the execution of jobs that violate these critical policy constraints.
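As an added illustration (not HashiCorp's code), the enforcement semantics that the fixed versions restore: a submission that fails a hard-mandatory policy is rejected regardless of the override flag, while the override clears only soft-mandatory failures and advisory failures are recorded as warnings. The three enforcement levels and the -policy-override flag are Nomad's own; the type and function names are assumptions made for this example.

```go
package main

import (
	"errors"
	"fmt"
)

// EnforcementLevel is one of the three Sentinel enforcement levels in Nomad Enterprise.
type EnforcementLevel string
const (
	Advisory      EnforcementLevel = "advisory"
	SoftMandatory EnforcementLevel = "soft-mandatory"
	HardMandatory EnforcementLevel = "hard-mandatory"
)
// PolicyResult is one policy's verdict on a submitted job (constructed for this example).
type PolicyResult struct {
	Name   string
	Level  EnforcementLevel
	Passed bool
}
var ErrHardMandatory = errors.New("hard-mandatory policy failed; override not permitted")
var ErrSoftMandatory = errors.New("soft-mandatory policy failed; resubmit with policy override")

// Decide enforces the rules a job submission must satisfy; override is the
// -policy-override flag. Invariant: override clears failing soft-mandatory
// policies only, never a failing hard-mandatory one.
func Decide(results []PolicyResult, override bool) (bool, []string, error) {
	var warnings, hardFailed, softFailed []string
	for _, r := range results {
		switch {
		case r.Passed: // nothing to enforce or record
		case r.Level == Advisory:
			warnings = append(warnings, "advisory policy failed: "+r.Name)
		case r.Level == SoftMandatory:
			softFailed = append(softFailed, r.Name)
		case r.Level == HardMandatory:
			hardFailed = append(hardFailed, r.Name)
		}
	}
	if len(hardFailed) > 0 { // checked before override so the flag cannot mask it
		return false, warnings, fmt.Errorf("%w: %v", ErrHardMandatory, hardFailed)
	}
	if len(softFailed) > 0 && !override {
		return false, warnings, fmt.Errorf("%w: %v", ErrSoftMandatory, softFailed)
	}
	for _, n := range softFailed { // keep an audit trail of what the override cleared
		warnings = append(warnings, "soft-mandatory policy overridden: "+n)
	}
	return true, warnings, nil
}
```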
Impact
Exploitation of this vulnerability allows for the violation of hard mandatory Sentinel policies, enabling the execution of jobs that should be restricted by these policies.
Remediation
Users should evaluate the risk associated with this vulnerability and consider upgrading to Nomad Enterprise versions 1.10.1, 1.9.9, or 1.8.13.
