CVE-2020-16250 — Authentication Bypass by Spoofing in Hashicorp Vault

CWE-290 — Authentication Bypass by Spoofing CWE-345 — Insufficient Verification of Data Authenticity8 documents6 sources

Severity

8.2HIGHNVD

EPSS

2.4%

top 15.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Github.com Hashicorp Vault Hashicorp Vault

Timeline

PublishedAug 26

Latest updateJun 18

Description

HashiCorp Vault and Vault Enterprise versions 0.7.1 and newer, when configured with the AWS IAM auth method, may be vulnerable to authentication bypass. Fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1..

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:NExploitability: 3.9 | Impact: 4.2

Affected Packages2 packages

▶NVDhashicorp/vault0.7.1 — 1.2.5+3

▶Gogithub.com/hashicorp_vault0.8.1 — 1.2.5+3

🔴Vulnerability Details

OSV

Authentication Bypass by Spoofing and Insufficient Verification of Data Authenticity in Hashicorp Vault in github.com/hashicorp/vault↗2024-08-21

▶

GHSA

Authentication Bypass by Spoofing and Insufficient Verification of Data Authenticity in Hashicorp Vault↗2021-08-02

▶

OSV

Authentication Bypass by Spoofing and Insufficient Verification of Data Authenticity in Hashicorp Vault↗2021-08-02

▶

Project0

Enter the Vault: Authentication Issues in HashiCorp Vault - Project Zero↗2020-10-01

▶

📋Vendor Advisories

Red Hat

vault: Hashicorp Vault AWS IAM Integration Authentication Bypass↗2020-08-26

▶

🕵️Threat Intelligence

Trailofbits

Unexpected security footguns in Go's parsers↗2025-06-18

▶

Trailofbits

Unexpected security footguns in Go's parsers↗2025-06-17

▶