Lucene search
K

Vault Enterprise’s DR Secondaries Allowed Raft Peer Removal Without Authentication

🗓️ 29 Jan 2021 22:33:42Reported by HashiCorp Security TeamType 
hashicorp
 hashicorp
🔗 discuss.hashicorp.com👁 5 Views

Vault Enterprise DR secondaries allow remove-peer without authentication; upgrade to 1.6.2 or newer.

Related
Detection
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2021-3282
1 Feb 202116:15
attackerkb
AlpineLinux
CVE-2021-3282
1 Feb 202115:38
alpinelinux
Circl
CVE-2021-3282
1 Feb 202119:25
circl
CNNVD
HashiCorp Vault Enterprise 授权问题漏洞
1 Feb 202100:00
cnnvd
CNVD
HashiCorp Vault Enterprise Unauthorized Access Vulnerability
3 Feb 202100:00
cnvd
CVE
CVE-2021-3282
1 Feb 202115:38
cve
Cvelist
CVE-2021-3282
1 Feb 202115:38
cvelist
EUVD
EUVD-2024-0421
3 Oct 202520:07
euvd
Tenable Nessus
GLSA-202207-01 : HashiCorp Vault: Multiple Vulnerabilities
2 Aug 202200:00
nessus
Github Security Blog
Improper Authentication in HashiCorp Vault
31 Jan 202423:22
github
Rows per page
Vulners
Node
hashicorpvaultRange<1.6.2enterprise
OR
hashicorpvaultRange<1.6.2enterprise

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

29 Jan 2021 22:33Current
7High risk
Vulners AI Score7
CVSS 25
CVSS 3.17.5
EPSS0.01299
5