CVE-2020-10660
The CVE-2020-10660 issue affects HashiCorp Vault and Vault Enterprise versions 0.9.0 through 1.3.3, where an Entity’s Group membership could inadvertently include Groups the Entity no longer has permissions to. The root cause is a mismanagement of group associations, enabling a bypass of access c...