0.001 Low
EPSS
Percentile
38.7%
github.com/hashicorp/vault is vulnerable to information disclosure. The server discloses internal IP addresses when responding to certain invalid andd unauthenticated HTTP requests.
discuss.hashicorp.com/t/hcsec-2021-02-vault-api-endpoint-exposed-internal-ip-address-without-authentication/20334