4 matches found
Authentication Bypass
github.com/openbao/openbao is vulnerable to Authentication Bypass. The vulnerability is due to using caller-supplied usernames as aliases without normalization when usernameasalias=true in the LDAP auth method, allowing bypass of MFA requirements...
The vulnerability of the LDAP protocol implementation in HashiCorp’s Vault and Vault Enterprise archiving platforms allows attackers to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of the LDAP protocol implementation in HashiCorp Vault and Vault Enterprise, a platform for archiving corporate information, is related to the improper handling of gaps when processing the usernameasalias parameter. Exploiting this vulnerability can allow an attacker to bypass...
CVE-2025-6013
Vault and Vault Enterprise’s “Vault” ldap auth method may not have correctly enforced MFA if usernameasalias was set to true and a user had multiple CNs that are equal but with leading or trailing spaces. Fixed in Vault Community Edition 1.20.2 and Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and...
CVE-2025-6013
Vault and Vault Enterprise’s “Vault” ldap auth method may not have correctly enforced MFA if usernameasalias was set to true and a user had multiple CNs that are equal but with leading or trailing spaces. Fixed in Vault Community Edition 1.20.2 and Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and...