Lucene search
PRIOn knowledge basePRION:CVE-2023-3462HistoryJul 31, 2023 - 11:15 p.m.
Denial of service
2023-07-3123:15:00
PRIOn knowledge base
www.prio-n.com
5
denial of service
user enumeration
ldap authentication
hashicorp's vault
vulnerability
fixed
HashiCorp’s Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. An attacker may submit requests of existent and non-existent LDAP users and observe the response from Vault to check if the account is valid on the LDAP server. This vulnerability is fixed in Vault 1.14.1 and 1.13.5.
Related
cgr
cgr
CVE-2023-3462 vulnerabilities
2024-05-19 03:07:16
osv
osv
CVE-2023-3462
2023-07-31 23:15:10
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration
2023-08-01 00:30:17
BIT-vault-2023-3462
2024-03-06 11:08:58
wolfi
wolfi
CVE-2023-3462 vulnerabilities
2024-06-26 09:08:30
cve
cve
CVE-2023-3462
2023-07-31 23:15:10
nvd
nvd
CVE-2023-3462
2023-07-31 23:15:10
github
github
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration
2023-08-01 00:30:17
redhatcve
redhatcve
CVE-2023-3462
2023-08-01 15:26:43
alpinelinux
alpinelinux
CVE-2023-3462
2023-07-31 23:15:00
cvelist
cvelist
CVE-2023-3462 Vault's LDAP Auth Method Allows for User Enumeration
2023-07-31 22:40:23
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps
2023-09-28 07:49:45
redhat
redhat