CVE-2023-24999

Published: Mar 11, 2023Modified: Nov 21, 2024

8.1

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Exploitability: 2.8 / Impact: 5.2

Source: NVD

Description

HashiCorp Vault and Vault Enterprise’s approle auth method allowed any authenticated user with access to an approle destroy endpoint to destroy the secret ID of any other role by providing the secret ID accessor. This vulnerability is fixed in Vault 1.13.0, 1.12.4, 1.11.8, 1.10.11 and above.

Affected (6)

Products: Hashicorp: Vault

Hashicorp

1 product

Vault

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Hashicorp Vault	Before 1.10.11
Hashicorp Vault	From 1.11.0 to 1.11.8
Hashicorp Vault	From 1.12.0 to 1.12.4
Hashicorp Vault	Before 1.10.11
Hashicorp Vault	From 1.11.0 to 1.11.8
Hashicorp Vault	From 1.12.0 to 1.12.4

Related CWEs

CWE-863

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (4)

https://discuss.hashicorp.com/t/hcsec-2023-07-vault-fails-to-verify-if-approle-secretid-belongs-to-role-during-a-destroy-operation/51305

Source: security@hashicorp.com

Vendor Advisory

https://security.netapp.com/advisory/ntap-20230505-0001/

Source: security@hashicorp.com

https://discuss.hashicorp.com/t/hcsec-2023-07-vault-fails-to-verify-if-approle-secretid-belongs-to-role-during-a-destroy-operation/51305

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://security.netapp.com/advisory/ntap-20230505-0001/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.