Описание
Improper Input Validation in vault-ssh-helper
HashiCorp vault-ssh-helper (github.com/hashicorp/vault-ssh-helper/helper) up to and including version 0.1.6 incorrectly accepted Vault-issued SSH OTPs for the subnet in which a host's network interface was located, rather than the specific IP address assigned to that interface. Fixed in 0.2.0.
Пакеты
Наименование
github.com/hashicorp/vault-ssh-helper
go
Затронутые версииВерсия исправления
< 0.2.0
0.2.0
Связанные уязвимости
CVSS3: 7.5
nvd
больше 5 лет назад
HashiCorp vault-ssh-helper up to and including version 0.1.6 incorrectly accepted Vault-issued SSH OTPs for the subnet in which a host's network interface was located, rather than the specific IP address assigned to that interface. Fixed in 0.2.0.