Lucene search
K

5 matches found

NVD
NVD
added 2025/06/25 5:15 p.m.5 views

CVE-2025-52894

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 allowed an attacker to perform unauthenticated, unaudited cancellation of root rekey and recovery rekey operations, effecting a denial of...

7.5CVSS0.00331EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/25 4:59 p.m.10 views

CVE-2025-52894 OpenBao Vulnerable to Unauthenticated Rekey Operation Cancellation

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 allowed an attacker to perform unauthenticated, unaudited cancellation of root rekey and recovery rekey operations, effecting a denial of...

6.9CVSS0.00331EPSS
Exploits0References4
CVE
CVE
added 2025/06/25 4:59 p.m.38 views

CVE-2025-52894

CVE-2025-52894 affects OpenBao prior to v2.3.0, where an unauthenticated, unaudited cancellation of root rekey and recovery rekey operations could cause a denial of service. In OpenBao v2.2.0 and later, operators can disable the unauthed rekey endpoints on global listeners by setting disable_unau...

7.5CVSS7AI score0.00331EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/25 4:59 p.m.3 views

CVE-2025-52894 OpenBao Vulnerable to Unauthenticated Rekey Operation Cancellation

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 allowed an attacker to perform unauthenticated, unaudited cancellation of root rekey and recovery rekey operations, effecting a denial of...

6.9CVSS7AI score0.00331EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2025/06/25 4:59 p.m.4 views

CVE-2025-52894

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 allowed an attacker to perform unauthenticated, unaudited cancellation of root rekey and recovery rekey operations, effecting a denial of...

7.5CVSS7.1AI score0.00331EPSS
Exploits0
Rows per page
Query Builder