Количество 3
Количество 3
CVE-2025-5999
A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s token privileges to Vault’s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22.
CVE-2025-5999
A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s token privileges to Vault’s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22.
GHSA-6h4p-m86h-hhgh
Hashicorp Vault has Privilege Escalation Vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-5999 A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s token privileges to Vault’s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22. | CVSS3: 7.2 | 0% Низкий | 5 дней назад |
 | CVE-2025-5999 A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s token privileges to Vault’s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22. | CVSS3: 7.2 | 0% Низкий | 5 дней назад |
| GHSA-6h4p-m86h-hhgh Hashicorp Vault has Privilege Escalation Vulnerability | CVSS3: 7.2 | 0% Низкий | 5 дней назад |
Уязвимостей на страницу