13 matches found
Security Bulletin: Vault AWS Auth Method Authentication Bypass Through Mishandling of Cache Entries
Summary: Vault and Vault Enterprise’s “Vault” AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault...
SUSE CVE-2025-11621
Vault and Vault Enterprise's “Vault” AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise...
CVE-2025-11621
Vault and Vault Enterprise’s “Vault” AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise...
BIT-VAULT-2025-11621 Vault AWS auth method bypass due to AWS client cache
Vault and Vault Enterprise’s “Vault” AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise...
Authentication Bypass Using an Alternate Path or Channel
Overview: Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel via the AWS Auth method. An attacker can gain unauthorized access by exploiting mishandling of cache entries when the configured bound_principal_iam role is identical across AWS...
EUVD-2025-35715
HashiCorp Vault and Vault Enterprise's AWS Auth method may be susceptible to authentication bypass...
GHSA-9G4H-H484-3578 HashiCorp Vault and Vault Enterprise's AWS Auth method may be susceptible to authentication bypass
Vault and Vault Enterprise's "Vault" AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5,...
HashiCorp Vault and Vault Enterprise's AWS Auth method may be susceptible to authentication bypass
Vault and Vault Enterprise's "Vault" AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.21.0, 1.20.5,...
CVE-2025-11621 Vault AWS auth method bypass due to AWS client cache
Vault and Vault Enterprise’s “Vault” AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise...
CVE-2025-11621 Vault AWS auth method bypass due to AWS client cache
Vault and Vault Enterprise’s “Vault” AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise...
CVE-2025-11621
HashiCorp Vault and Vault Enterprise’s AWS Auth method is affected when the bound_principal_iam role is the same across AWS accounts or uses a wildcard, enabling an authentication bypass. The issue is fixed in Vault Community Edition 1.21.0 and Vault Enterprise in versions 1.21.0, 1.20.5, 1.19.11...
GHSA-JP7H-4F3C-9RC7 OpenBao AWS Plugin Vulnerable to Cross-Account IAM Role Impersonation in AWS Auth Method
Impact: This is a cross-account impersonation vulnerability in the auth-aws plugin. The vulnerability allows an IAM role from an untrusted AWS account to authenticate by impersonating a role with the same name in a trusted account, leading to unauthorized access. This impacts all users of the...
HashiCorp Vault Enterprise Security Vulnerability
HashiCorp Vault Enterprise is an enterprise information archiving platform from HashiCorp, Inc. in the United States. A security vulnerability exists in HashiCorp Vault Enterprise versions 1.21.0, 1.20.5, 1.19.11, and 1.16.27, which stems from the same or wildcard use of the bound_principal_iam rol...