Lucene search

GoogleOSV:GO-2024-2617

HistoryMar 14, 2024 - 5:13 p.m.

Authentication bypass in github.com/hashicorp/vault

2024-03-1417:13:04

Google

osv.dev

github

hashicorp

vault

tls certificate

authentication

method

client certificates

non-ca certificate

trusted certificate

attackers

craft

bypass

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.2%

JSON

The TLS certificate authentication method incorrectly validates client certificates when configured with a non-CA certificate as a trusted certificate. When configured this way, attackers may be able to craft a certificate that can be used to bypass authentication.

CPENameOperatorVersion
github.com/hashicorp/vaultge1.15.0
github.com/hashicorp/vaultlt1.15.5
github.com/hashicorp/vaultlt1.14.10

Name	Operator	Version
github.com/hashicorp/vault	ge	1.15.0
github.com/hashicorp/vault	lt	1.15.5
github.com/hashicorp/vault	lt	1.14.10

References

discuss.hashicorp.com/t/hcsec-2024-05-vault-cert-auth-method-did-not-correctly-validate-non-ca-certificates/63382

nvd.nist.gov/vuln/detail/CVE-2024-2048

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.2%

JSON

Related for OSV:GO-2024-2617