Products
Vault
- Community Edition 1.17.6
- Enterprise 1.17.6
- 1.16.10
- 1.15.15
Source
security@hashicorp.com
Tags
CVE-2024-7594 details
Published : Sept. 26, 2024, 8:15 p.m.
Last Modified : Sept. 26, 2024, 8:15 p.m.
Last Modified : Sept. 26, 2024, 8:15 p.m.
Description
Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. If the valid_principals and default_user fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to authenticate as any user on the host. Fixed in Vault Community Edition 1.17.6, and in Vault Enterprise 1.17.6, 1.16.10, and 1.15.15.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7.5 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-732 | Incorrect Permission Assignment for Critical Resource | The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. |
CVSS Data
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
7.5
Exploitability Score
1.6
Impact Score
5.9
Base Severity
HIGH
Vector String : CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References
| URL | Source |
|---|---|
| https://discuss.hashicorp.com/t/hcsec-2024-20-vault-ssh-secrets-engine-configuration-did-not-restrict-valid-principals-by-default/70251 | security@hashicorp.com |
This website uses the NVD API, but is not approved or certified by it.