Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-0690
HistoryFeb 08, 2023 - 7:15 p.m.

Design/Logic Flaw

2023-02-0819:15:00
PRIOn knowledge base
www.prio-n.com
10
hashicorp boundary
pki worker
plaintext storage
automatic rotation
key management service

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker’s disk. This issue is fixed in version 0.12.0.

CPENameOperatorVersion
boundaryge0.10.0
boundarylt0.12.0

Related

osv 2
cve 1
cvelist 1
github 1
veracode 1
nvd 1
osv
osv
CVE-2023-0690
2023-02-08 19:15:11
HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured
2023-07-06 19:24:09
cve
cve
CVE-2023-0690
2023-02-08 19:15:11
cvelist
cvelist
CVE-2023-0690 Boundary Workers Store Rotated Credentials in Plaintext Even When a Key Management Service Configured
2023-02-08 18:27:33
github
github
HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured
2023-07-06 19:24:09
veracode
veracode
Information Disclosure
2023-02-13 02:06:31
nvd
nvd
CVE-2023-0690
2023-02-08 19:15:11

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON
Related for PRION:CVE-2023-0690
osv2cve1cvelist1github1veracode1nvd1