Lucene search
K

4 matches found

BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.7 views

The vulnerability of HashiCorp’s Vault and Vault Enterprise storage platforms, which stem from lack of access control mechanisms, allows attackers to gain access to potentially confidential information.

The vulnerability of the HashiCorp Vault and Vault Enterprise archiving platforms for corporate information lies in their lack of access control mechanisms. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to potentially confidential information...

9.4CVSS7.7AI score0.0076EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/09/04 12:0 a.m.6 views

The vulnerability of HashiCorp’s Vault and Vault Enterprise archiving platforms for corporate information lies in improper validation or processing of exceptional conditions, allowing attackers to trigger service failures.

The vulnerability of the HashiCorp Vault and Vault Enterprise archiving platforms relates to the improper handling of requests originating from unauthorized IP addresses. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS7.2AI score0.00491EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.4 views

The vulnerability of HashiCorp’s Vault and Vault Enterprise archiving platforms for corporate information lies in the improper assignment of permissions to critical resources, allowing attackers to increase their privileges.

The vulnerability of the HashiCorp Vault and Vault Enterprise archiving platforms for corporate information lies in the improper assignment of permissions to critical resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to increase their privileges...

7.8CVSS7.2AI score0.00436EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/12/13 12:0 a.m.6 views

The vulnerability of the `max_request_duration` component in the platform for archiving corporate information, HashiCorp Vault and Vault Enterprise, allows a perpetrator to trigger a service failure.

The vulnerability of the maxrequestduration component in the HashiCorp Vault and Vault Enterprise platforms for archiving corporate information involves unlimited resource allocation during HTTP request processing. Exploiting this vulnerability could allow a malicious actor to cause service...

7.8CVSS7.2AI score0.00792EPSS
Exploits0References4Affected Software3
Rows per page
Query Builder