0.001 Low
EPSS
Percentile
35.9%
github.com/hashicorp/vault is vulnerable to man-in-the-middle attack. The vulnerability exists due to missing hostnames validation when TLS is used to connect to Cassandra clusters.
discuss.hashicorp.com/t/hcsec-2021-10-vault-s-cassandra-integrations-did-not-validate-tls-certificates/23463