3 matches found
CVE-2021-43998
creationtimestamp| type| source ---|---|--- 2021-11-30 18:34:26+00:00| seen| https://t.me/cibsecurity/33095...
CVE-2021-43998
HashiCorp Vault and Vault Enterprise were affected by a logic flaw in templated ACL policies: if an entity had multiple aliases for a given entity+mount, the policy could incorrectly apply and match the first-created alias. Affected versions are 0.11.0 through 1.7.5 and 1.8.4. The issue is fixed ...
CVE-2021-43998
HashiCorp Vault and Vault Enterprise 0.11.0 up to 1.7.5 and 1.8.4 templated ACL policies would always match the first-created entity alias if multiple entity aliases exist for a specified entity and mount combination, potentially resulting in incorrect policy enforcement. Fixed in Vault and Vault...