5 matches found
ROS-20251128-03
A vulnerability in the Vault access control system and Vault enterprise information archiving platform Enterprise is related to authentication bypass using an alternate path or channel in AWS authentication method. Exploitation of the vulnerability could allow an attack...
HashiCorp Vault and Vault Enterprise's AWS Auth method may be susceptible to authentication bypass
Vault and Vault Enterprise's ("Vault") AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5,...
PT-2025-43548
Name of the Vulnerable Software and Affected Versions: Vault versions prior to 1.21.0; Vault Enterprise versions prior to 1.21.0, 1.20.5, 1.19.11, and 1.16.27. Description: The AWS Auth method in Vault and Vault Enterprise may allow authentication bypass if the bound principal iam role is identical...
CVE-2024-41178 Apache Arrow Rust Object Store: AWS WebIdentityToken exposure in log files
Exposure of temporary credentials in logs in Apache Arrow Rust Object Store (object_store crate), version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens. On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity...
TomTom: Listing of Amazon S3 Bucket accessible to any amazon authenticated user (vector-maps-e457472599)
Summary: It's possible to get a listing of every file in the S3 bucket vector-maps-e457472599. Description: The problem is using the AWS command line, it's possible to get a listing of files in the Amazon S3 Bucket with an AWS authentication. See screenshot vector-maps-e457472599publics3bucket.pn...