Lucene search

CVE-2020-35453

🗓️ 17 Dec 2020 05:10:15Reported by mitreType

HashiCorp Vault Enterprise’s Sentinel EGP policy feature fixed in 1.5.6 and 1.6.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Veracode	Privilege Escalation	18 Dec 202007:19	–	veracode
Cvelist	CVE-2020-35453	17 Dec 202004:22	–	cvelist
OSV	BIT-vault-2020-35453	6 Mar 202411:11	–	osv
OSV	CVE-2020-35453	17 Dec 202005:15	–	osv
NVD	CVE-2020-35453	17 Dec 202005:15	–	nvd
Prion	Denial of service	17 Dec 202005:15	–	prion
RedhatCVE	CVE-2020-35453	23 Apr 202119:13	–	redhatcve

Nvd

Node

hashicorp vaultRange1.5.0–1.5.6-

hashicorp vaultRange1.5.0–1.5.6enterprise

hashicorp vaultRange1.6.0–1.6.1-

hashicorp vaultRange1.6.0–1.6.1enterprise

Source	Link
discuss	www.discuss.hashicorp.com/t/hcsec-2020-24-vault-enterprise-s-sentinel-egp-policies-may-impact-parent-or-sibling-namespaces/18983
github	www.github.com/hashicorp/vault/blob/master/CHANGELOG.md

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 Dec 2020 05:15Current

5.1Medium risk

Vulners AI Score5.1

CVSS25

CVSS35.3

EPSS0.00328