CVE-2024-9180

Published: 10 Oct 2024
Source: redhat
CVSS3: 7.2
EPSS: Low

Description

A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s privileges to Vault’s root policy. Fixed in Vault Community Edition 1.18.0 and Vault Enterprise 1.18.0, 1.17.7, 1.16.11, and 1.15.16.

A flaw was found in HashiCorp Vault. A privileged Vault operator, that is, someone with write permissions on the root namespace's identity endpoint, can elevate privileges, either their own or another user's, to Vault's root policy level, effectively gaining full administrative control.

Mitigation

This CVE can be mitigated by the following:

  • Upgrade to a version of Vault that has the fix.
  • Restrict write access to the root namespace’s identity endpoint.
  • Implement least privilege policies (e.g., via Sentinel) that limit what root-namespace operators can do.
  • Monitor audit logs: check for any “identity_policy” entries containing “root” to detect suspicious privilege escalations.
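As an added illustration of the audit-log check in the last bullet (this is example code written for this page, not code from Red Hat, HashiCorp or exploitDog), the script below scans lines in the shape of Vault's JSON audit-device output and flags two things a defender would want to correlate: any token whose auth.identity_policies list contains "root" (the condition the mitigation names; in Vault audit entries the field is spelled identity_policies), and any write operation against an identity/ path in the root namespace, which is the precondition the CVE describes. The sample log lines, actor names and request ids are constructed for the example; request data values are not inspected because Vault HMACs them in the audit log by default.

```python
import json
from typing import Any, Dict, List

# Constructed sample lines in the shape of Vault's JSON audit log ("auth" block
# with policies/identity_policies, "request" block with operation and path).
# These are illustrative, not records from a real Vault deployment.
SAMPLE_AUDIT_LOG = r"""
{"time":"2024-10-10T12:00:01Z","type":"response","auth":{"display_name":"userpass-ops","policies":["default","identity-admin"],"token_policies":["default","identity-admin"],"identity_policies":[]},"request":{"id":"r-1","operation":"read","path":"sys/health","namespace":{"id":"root"}}}
{"time":"2024-10-10T12:00:05Z","type":"response","auth":{"display_name":"userpass-ops","policies":["default","identity-admin"],"token_policies":["default","identity-admin"],"identity_policies":[]},"request":{"id":"r-2","operation":"update","path":"identity/entity/id/constructed-entity-id","namespace":{"id":"root"}}}
{"time":"2024-10-10T12:00:09Z","type":"response","auth":{"display_name":"userpass-ops","policies":["default","identity-admin","root"],"token_policies":["default","identity-admin"],"identity_policies":["root"]},"request":{"id":"r-3","operation":"read","path":"sys/policies/acl","namespace":{"id":"root"}}}
this line is deliberately not JSON, to show that malformed lines are skipped
{"time":"2024-10-10T12:00:12Z","type":"response","auth":{"display_name":"userpass-dev","policies":["default"],"token_policies":["default"],"identity_policies":[]},"request":{"id":"r-4","operation":"read","path":"secret/data/app","namespace":{"id":"root"}}}
"""

IDENTITY_WRITE_OPS = {"create", "update", "delete"}


def parse_audit_log(text: str) -> List[Dict[str, Any]]:
    """Parse newline-delimited JSON audit entries, skipping blank or malformed lines."""
    entries: List[Dict[str, Any]] = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            entries.append(json.loads(line))
        except json.JSONDecodeError:
            # A broken line should not abort the whole scan.
            continue
    return entries


def has_root_identity_policy(entry: Dict[str, Any]) -> bool:
    """True when the token's identity-derived policies include 'root'."""
    auth = entry.get("auth") or {}
    return "root" in (auth.get("identity_policies") or [])


def is_root_namespace(entry: Dict[str, Any]) -> bool:
    """True for the root namespace (or when no namespace block is present, as in older logs)."""
    ns = (entry.get("request") or {}).get("namespace")
    return ns is None or ns.get("id") == "root"


def is_identity_write(entry: Dict[str, Any]) -> bool:
    """True for create/update/delete operations against an identity/ path."""
    req = entry.get("request") or {}
    return (
        req.get("operation") in IDENTITY_WRITE_OPS
        and str(req.get("path", "")).startswith("identity/")
    )


def find_suspicious(entries: List[Dict[str, Any]]) -> List[Dict[str, Any]]:
    """Return findings for root-via-identity tokens and identity-endpoint writes.

    Only 'response' entries are considered so each request is counted once
    (Vault logs a 'request' and a 'response' line per call).
    """
    findings: List[Dict[str, Any]] = []
    for entry in entries:
        if entry.get("type") != "response" or not is_root_namespace(entry):
            continue
        auth = entry.get("auth") or {}
        req = entry.get("request") or {}
        base = {
            "request_id": req.get("id"),
            "actor": auth.get("display_name", "<unknown>"),
            "path": req.get("path"),
        }
        if has_root_identity_policy(entry):
            findings.append({**base, "reason": "root policy granted via identity_policies"})
        elif is_identity_write(entry):
            findings.append({**base, "reason": "write to root-namespace identity endpoint"})
    return findings


if __name__ == "__main__":
    for finding in find_suspicious(parse_audit_log(SAMPLE_AUDIT_LOG)):
        print(finding)
```

Run over a real audit file, the two finding kinds read together: an identity-endpoint write by an operator followed shortly by a token of the same (or another) principal whose identity_policies now include "root" is the sequence worth investigating.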

Affected packages

Platform                               Package                        Status        Recommendation  Release
Red Hat Openshift Container Storage 4  ocs4/cephcsi-rhel8             Affected
Red Hat Openshift Container Storage 4  ocs4/mcg-rhel8-operator        Affected
Red Hat Openshift Container Storage 4  ocs4/ocs-must-gather-rhel8     Affected
Red Hat Openshift Container Storage 4  ocs4/ocs-rhel8-operator        Affected
Red Hat Openshift Container Storage 4  ocs4/rook-ceph-rhel8-operator  Affected
Red Hat Openshift Data Foundation 4    odf4/cephcsi-rhel9             Affected
Red Hat Openshift Data Foundation 4    odf4/mcg-cli-rhel9             Not affected
Red Hat Openshift Data Foundation 4    odf4/mcg-rhel9-operator        Not affected
Red Hat Openshift Data Foundation 4    odf4/odf-cli-rhel9             Affected


Additional information

Status: Important
Weakness: CWE-266
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2317923
Title: hashicorp/vault: Vault Operators in Root Namespace May Elevate Their Privileges

EPSS: 0.00269 (percentile 50%, Low)
CVSS3: 7.2 (High)

Related vulnerabilities

CVSS3: 7.2
nvd
about 1 year ago

A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s privileges to Vault’s root policy. Fixed in Vault Community Edition 1.18.0 and Vault Enterprise 1.18.0, 1.17.7, 1.16.11, and 1.15.16.

CVSS3: 7.2
github
about 1 year ago

Vault Community Edition privilege escalation vulnerability

CVSS3: 7.2
fstec
about 1 year ago

Vulnerability in the enterprise information archiving platforms HashiCorp Vault and Vault Enterprise, related to incorrect privilege assignment, allowing an attacker to escalate their privileges

CVSS3: 7.2
redos
about 1 year ago

Vulnerability in vault

suse-cvrf
about 1 year ago

Security update for govulncheck-vulndb
