CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.
[
{
"cpes": [
"cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*"
],
"vendor": "hashicorp",
"product": "vault",
"versions": [
{
"status": "affected",
"version": "1.14.0",
"lessThan": "1.14.3",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.13.0",
"lessThan": "1.13.7",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.12.0",
"lessThan": "1.12.11",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.6.0",
"lessThan": "1.12.0",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:hashicorp:vault_enterprise:*:*:*:*:*:*:*:*"
],
"vendor": "hashicorp",
"product": "vault_enterprise",
"versions": [
{
"status": "affected",
"version": "1.14.0",
"lessThan": "1.14.3",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.13.0",
"lessThan": "1.13.7",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.12.0",
"lessThan": "1.12.11",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.6.0",
"lessThan": "1.12.0",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
total