Lucene search
GoogleOSV:BIT-VAULT-2023-5077HistoryMar 06, 2024 - 11:08 a.m.
BIT-vault-2023-5077
2024-03-0611:08:23
Google
osv.dev
6
google
cloud
secrets
iam
conditions
vault
fixed
software
7.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
0.0005 Low
EPSS
Percentile
18.0%
The Vault and Vault Enterprise (“Vault”) Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Fixed in Vault 1.13.0.
Related
prion
prion
Design/Logic Flaw
2023-09-29 00:15:00
cvelist
cvelist
osv
osv
CVE-2023-5077
2023-09-29 00:15:12
nvd
nvd
CVE-2023-5077
2023-09-29 00:15:12
cgr
cgr
CVE-2023-5077 vulnerabilities
2024-05-19 03:07:16
cve
cve
CVE-2023-5077
2023-09-29 00:15:12
wolfi
wolfi
CVE-2023-5077 vulnerabilities
2024-06-30 03:08:34
alpinelinux
alpinelinux
CVE-2023-5077
2023-09-29 00:15:12
veracode
veracode
Incorrect Authorization
2023-10-13 12:35:41
redhatcve
redhatcve
CVE-2023-5077
2023-10-04 05:25:17
github
github
redhat
redhat
7.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
0.0005 Low
EPSS
Percentile
18.0%
Related for OSV:BIT-VAULT-2023-5077