Lucene search

K
redosRedosROS-20241023-03
HistoryOct 23, 2024 - 12:00 a.m.

ROS-20241023-03

2024-10-2300:00:00
redos.red-soft.ru
hashicorp
vault
enterprise
privilege assignment
exploitation
remote access
unix

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

Low

A vulnerability in HashiCorp’s Vault and Vault Enterprise enterprise information archiving platforms
is related to improper privilege assignment. Exploitation of the vulnerability could allow an attacker,
acting remotely to escalate privileges

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64vault< 1.18.0-1UNKNOWN

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

Low