Last updated
An identity-aware proxy that provides a simple, secure way to access hosts and critical systems on your network.
$ winget install --id Hashicorp.Boundary --exact --version 0.21.3Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.
For Intune admins
Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.
Start free 30-day trialNo credit card required.
Boundary is an identity-aware proxy that provides a simple, secure way to access hosts and critical systems on your network.
With Boundary you can:
- Integrate with your IdP of choice using OpenID Connect, enabling users to securely sign-in to their Boundary environment
- Provide just-in-time network access to network resources, wherever they reside
- Manage session credentials via a native static credential store, or dynamically generate unique per-session credentials by integrating with HashiCorp Vault
- Automate discovery of new endpoints
- Manage privileged sessions using Boundary’s session controls
- Standardize your team's access workflow with a consistent experience for any type of infrastructure across any provider
Boundary is designed to be straightforward to understand, highly scalable, and resilient. It can run in clouds, on-prem, secure enclaves and more, and does not require an agent to be installed on every end host, making it suitable for access to managed/cloud services and container-based workflows in addition to traditional host systems and services.
Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.
5 known CVEs via NVD
Boundary Community Edition and Boundary Enterprise (“Boundary”) incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization...
Boundary and Boundary Enterprise (“Boundary”) is vulnerable to session hijacking through TLS certificate tampering. An attacker with privileges to enumerate active or pending sessions, obtain a private key pertaining to a session, and obtain a valid trust on first use (TOFU) tok...
HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This wo...
Hashicorp Boundary v0.8.0 is vulnerable to Clickjacking which allow for the interception of login credentials, re-direction of users to malicious sites, or causing users to perform malicious actions on the site.
HashiCorp Boundary up to 0.10.1 did not properly perform data integrity checks to ensure the resources were associated with the correct scopes, allowing potential privilege escalation for authorized users of another scope. Fixed in Boundary 0.10.2.
See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.
More from HashiCorp.