3 matches found
CVE-2021-3282
HashiCorp Vault Enterprise 1.6.0 & 1.6.1 allowed the remove-peer raft operator command to be executed against DR secondaries without authentication. Fixed in 1.6.2...
CVE-2021-3282
CVE-2021-3282 affects HashiCorp Vault Enterprise 1.6.0 and 1.6.1, where the remove-peer raft operator command could be executed against disaster-recovery (DR) secondary nodes without authentication. The underlying issue allowed an unauthenticated action on DR secondaries, potentially enabling una...
CVE-2021-3282
HashiCorp Vault Enterprise 1.6.0 & 1.6.1 allowed the remove-peer raft operator command to be executed against DR secondaries without authentication. Fixed in 1.6.2...