Описание
HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being reported.
Ссылки
- Release NotesThird Party Advisory
- Release NotesThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.0 (исключая)
cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00306
Низкий
8.1 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-532
Связанные уязвимости
CVSS3: 7.3
redhat
около 7 лет назад
HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being reported.
CVSS3: 8.1
github
больше 3 лет назад
HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being reported.
EPSS
Процентиль: 53%
0.00306
Низкий
8.1 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-532