Описание
Vault and Vault Enterprise’s (“Vault”) login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
EPSS
Процентиль: 6%
0.00028
Низкий
5.7 Medium
CVSS3
Дефекты
CWE-307
Связанные уязвимости
CVSS3: 5.7
redhat
5 дней назад
Vault and Vault Enterprise’s (“Vault”) login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
CVSS3: 5.7
github
5 дней назад
Hashicorp Vault has Login MFA Rate Limit Bypass Vulnerability
EPSS
Процентиль: 6%
0.00028
Низкий
5.7 Medium
CVSS3
Дефекты
CWE-307