CVE-2025-6037

Vault and Vault Enterprise “Vault” TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as +trusted certificate+|https://developer.hashicorp.com/vault/api-docs/auth/certcertificate. In this configuration, an attacker may be able to...

CVE-2025-6037

CVE-2025-6037: HashiCorp Vault and Vault Enterprise TLS certificate authentication failed to validate client certificates when configured with non-CA certificates as trusted, potentially allowing impersonation. Affected products: Vault Community Edition and Vault Enterprise; root cause: incorrect...