Lucene search
GoogleOSV:BIT-VAULT-2024-2660HistoryMay 01, 2024 - 7:38 a.m.
BIT-vault-2024-2660
2024-05-0107:38:05
Google
osv.dev
7
vault
tls
certificate
validation
vulnerability
fixed
CVSS3
6.4
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
EPSS
0
Percentile
9.0%
Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. Fixed in Vault 1.16.0 and Vault Enterprise 1.16.1, 1.15.7, and 1.14.11.
Related
vulnrichment
vulnrichment
osv
osv
CGA-xxp5-jp4h-xgjm
2024-06-06 12:26:36
CGA-qwxw-2cf6-j68f
2024-07-15 22:05:49
CGA-99hv-xqw5-j922
2024-06-06 12:25:25
cgr
cgr
CVE-2024-2660 vulnerabilities
2024-05-19 03:07:16
cvelist
cvelist
veracode
veracode
Improper Certificate Validation
2024-04-05 11:38:59
cve
cve
CVE-2024-2660
2024-04-04 18:15:14
github
github
HashiCorpVault does not correctly validate OCSP responses
2024-04-04 18:30:34
nvd
nvd
CVE-2024-2660
2024-04-04 18:15:14
redhatcve
redhatcve
CVE-2024-2660
2024-04-05 12:56:14
wolfi
wolfi
CVE-2024-2660 vulnerabilities
2024-07-26 21:09:29
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-06-26 16:06:34
CVSS3
6.4
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
EPSS
0
Percentile
9.0%
Related for OSV:BIT-VAULT-2024-2660