Lucene search
Redhat.comRH:CVE-2020-10661HistoryApr 25, 2023 - 2:51 p.m.
CVE-2020-10661
2023-04-2514:51:21
redhat.com
access.redhat.com
18
hashicorp vault
security restrictions
remote attacker
bypass
specially crafted request
cve-2020-10661
0.002 Low
EPSS
Percentile
55.2%
A flaw was found in HashiCorp Vault and Vault Enterprise. This flaw allows a remote attacker to bypass security restrictions caused by an issue when the existing nested-path policies may give access to Namespaces created after the fact. By sending a specially crafted request, an attacker can bypass access restrictions.
Related
cve
cve
CVE-2020-10661
2020-03-23 13:15:13
osv
osv
HashiCorp Vault Improper Privilege Management
2024-01-30 23:40:40
HashiCorp Vault Improper Privilege Management in github.com/hashicorp/vault
2024-06-28 15:28:53
CVE-2020-10661
2020-03-23 13:15:13
prion
prion
Path traversal
2020-03-23 13:15:00
nvd
nvd
CVE-2020-10661
2020-03-23 13:15:13
veracode
veracode
Improper Privilege Management
2024-01-31 06:32:26
github
github
HashiCorp Vault Improper Privilege Management
2024-01-30 23:40:40
cvelist
cvelist
CVE-2020-10661
2020-03-23 12:57:03