CVSS3 score: 6.8 (Medium)
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS score: 0.0005 (Low)
EPSS percentile: 18.0%
github.com/hashicorp/vault is vulnerable to Improper Input Validation. The vulnerability is in the transit secrets engine, which allowed authorized users to specify arbitrary nonces even with convergent encryption disabled. Because a caller-controlled nonce can be reused across encryptions under the same key, an attacker with that access could potentially decrypt arbitrary ciphertext and derive the authentication subkey.
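As an added illustration (not Vault's code or the linked fix), the Go model below of a transit-style encrypt endpoint contrasts the pre-fix path, which honoured a caller-supplied nonce, with a hardened check that rejects it unless the key is convergent, and shows why nonce reuse under AES-GCM lets one known plaintext reveal another. The function names, the error value, the demo key and the sample inputs are all constructed for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// ErrNonceNotAllowed is the post-fix refusal of a caller nonce on a non-convergent key.
var ErrNonceNotAllowed = errors.New("nonce may only be supplied with convergent encryption")

// TransitEncrypt models the encrypt endpoint with AES-256-GCM. fixed=false is
// the pre-fix behaviour that honoured any caller nonce; fixed=true adds the check.
func TransitEncrypt(key, plaintext, callerNonce []byte, convergent, fixed bool) (nonce, ct []byte, err error) {
	if fixed && len(callerNonce) != 0 && !convergent {
		return nil, nil, ErrNonceNotAllowed
	}
	if nonce = callerNonce; len(nonce) == 0 { // no caller nonce: 96 fresh random bits
		nonce = make([]byte, 12)
		if _, err = rand.Read(nonce); err != nil {
			return nil, nil, err
		}
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, nil, err
	}
	return nonce, gcm.Seal(nil, nonce, plaintext, nil), nil // body || 16-byte tag
}

// NonceReuseLeaks shows what the check prevents: under a reused nonce the GCM
// counter keystream cancels, so c1 XOR c2 equals p1 XOR p2 (equal-length inputs).
func NonceReuseLeaks(key, p1, p2, nonce []byte) (bool, error) {
	_, c1, err1 := TransitEncrypt(key, p1, nonce, false, false)
	_, c2, err2 := TransitEncrypt(key, p2, nonce, false, false)
	if err1 != nil || err2 != nil {
		return false, errors.Join(err1, err2)
	}
	for i := range p1 {
		if c1[i]^c2[i] != p1[i]^p2[i] {
			return false, nil
		}
	}
	return true, nil
}
```

The defensive rule is the one the hardened branch enforces: a nonce is generated server-side per request, and a client-supplied value is only accepted on keys explicitly configured for convergent encryption.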
discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249
github.com/hashicorp/vault/commit/8abe3cd68b89f2899003d3203649b2dbb6038b7b
github.com/hashicorp/vault/commit/9c2adca1e5c52dd1979c21b56f7c6a60e66ba5bf
github.com/hashicorp/vault/commit/ac9b65fdd922708e9755d5dd3c7ddcae373ae1e9
github.com/hashicorp/vault/pull/22852
github.com/hashicorp/vault/pull/22900