Source: cvelist (HashiCorp CVE list) - CVE-2023-24999
History: Mar 10, 2023 - 11:12 p.m.

CVE-2023-24999 Vault Fails to Verify if the AppRole SecretID Belongs to Role During a Destroy Operation

2023-03-10 23:12:47
CWE-863 (Incorrect Authorization)
HashiCorp
www.cve.org
Tags: cve-2023-24999, hashicorp vault, vault enterprise, approle, secretid, destroy operation, vulnerability, fixed, version 1.13.0, version 1.12.4, version 1.11.8, version 1.10.11

CVSS3: 4.4 Medium
  Attack Vector: NETWORK
  Attack Complexity: HIGH
  Privileges Required: HIGH
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: NONE
  Integrity Impact: NONE
  Availability Impact: HIGH
  Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

AI Score: 8 High (Confidence: High)
EPSS: 0.001 Low (Percentile: 43.8%)

HashiCorp Vault and Vault Enterprise's AppRole auth method allowed any authenticated user with access to an AppRole destroy endpoint to destroy the secret ID of any other role by providing that secret ID's accessor: the destroy operation did not verify that the accessor belonged to the role named in the request (CWE-863, Incorrect Authorization). This vulnerability is fixed in Vault 1.13.0, 1.12.4, 1.11.8, 1.10.11 and above.

CNA Affected

[
  {
    "vendor": "HashiCorp",
    "product": "Vault",
    "platforms": [
      "Windows",
      "MacOS",
      "Linux",
      "x86",
      "ARM",
      "64 bit",
      "32 bit"
    ],
    "repo": "https://github.com/hashicorp/vault",
    "versions": [
      {
        "lessThan": "1.12.4",
        "status": "affected",
        "version": "1.12.0",
        "versionType": "semver"
      },
      {
        "lessThan": "1.11.8",
        "status": "affected",
        "version": "1.11.0",
        "versionType": "semver"
      },
      {
        "lessThan": "1.10.11",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "vendor": "HashiCorp",
    "product": "Vault Enterprise",
    "platforms": [
      "Windows",
      "MacOS",
      "Linux",
      "x86",
      "ARM",
      "64 bit",
      "32 bit"
    ],
    "versions": [
      {
        "lessThan": "1.12.4",
        "status": "affected",
        "version": "1.12.0",
        "versionType": "semver"
      },
      {
        "lessThan": "1.11.8",
        "status": "affected",
        "version": "1.11.0",
        "versionType": "semver"
      },
      {
        "lessThan": "1.10.11",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]
