Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2023/04/25 2:51 p.m.45 views

CVE-2020-10661

A flaw was found in HashiCorp Vault and Vault Enterprise. This flaw allows a remote attacker to bypass security restrictions caused by an issue when the existing nested-path policies may give access to Namespaces created after the fact. By sending a specially crafted request, an attacker can bypa...

9.1CVSS8.6AI score0.01116EPSS
Exploits0References4
NVD
NVD
added 2020/03/23 1:15 p.m.13 views

CVE-2020-10661

HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing nested-path policies grant access to Namespaces created after-the-fact. Fixed in 1.3.4...

9.1CVSS9.2AI score0.01116EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/03/23 12:57 p.m.15 views

CVE-2020-10661

HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing nested-path policies grant access to Namespaces created after-the-fact. Fixed in 1.3.4...

9.2AI score0.01116EPSS
Exploits0References2
CVE
CVE
added 2020/03/23 12:57 p.m.83 views

CVE-2020-10661

CVE-2020-10661 affects HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3. Under certain circumstances, existing nested-path policies could grant access to Namespaces created after-the-fact. The issue is resolved in version 1.3.4 (fix described by the vendor). The connected docume...

9.1CVSS9AI score0.01116EPSS
Exploits0References2Affected Software1
Openbugbounty
Openbugbounty
added 2020/01/12 11:4 a.m.7 views

aekhb.de Cross Site Scripting vulnerability OBB-1066199

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.3AI score
Exploits0
Rows per page
Query Builder