CVE-2025-6013
A flaw was found in github.com/hashicorp/vault. The LDAP authentication method fails to properly enforce multi-factor authentication when usernameasalias is enabled and a user possesses multiple Common Names CNs containing differing leading or trailing spaces. A remote attacker authenticated as a...