2 matches found
Security Bulletin: Vault AWS Auth Method Authentication Bypass Through Mishandling of Cache Entries
Summary Vault and Vault Enterprise’s “Vault” AWS Auth method may be susceptible to authentication bypass if the role of the configured boundprincipaliam is the same across AWS accounts, or uses a wildcard. This vulnerability, CVE-2025-11621, is fixed in Vault Community Edition 1.21.0 and Vault...
CVE-2025-11621
HashiCorp Vault and Vault Enterprise’s AWS Auth method is affected when the bound_principal_iam role is the same across AWS accounts or uses a wildcard, enabling an authentication bypass. The issue is fixed in Vault Community Edition 1.21.0 and Vault Enterprise in versions 1.21.0, 1.20.5, 1.19.11...