CVE-2020-25816
published 2020-09-30CVE-2020-25816: HashiCorp Vault and Vault Enterprise versions 1.0 and newer allowed leases created with a batch token to outlive their TTL because expiration time was not…
PriorityP433medium6.8CVSS 3.1
AVNACHPRLUINSUCHIHAN
EPSS
1.01%
58.8th percentile
HashiCorp Vault and Vault Enterprise versions 1.0 and newer allowed leases created with a batch token to outlive their TTL because expiration time was not scheduled correctly. Fixed in 1.4.7 and 1.5.4.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | hashicorp_vault | >= 1.0.0 < 1.5.4 | 1.5.4 |
| github.com | hashicorp_vault | >= 1.0.0-beta1 < 1.5.4 | 1.5.4 |
| hashicorp | vault | >= 1.0.0 < 1.4.7 | 1.4.7 |
| hashicorp | vault | >= 1.5.0 < 1.5.4 | 1.5.4 |
CVSS provenance
nvdv3.16.8MEDIUMCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
nvdv2.04.9MEDIUMAV:N/AC:M/Au:S/C:P/I:P/A:N
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Token leases could outlive their TTL in HashiCorp Vault in github.com/hashicorp/vault
osv·2024-06-28
CVE-2020-25816 Token leases could outlive their TTL in HashiCorp Vault in github.com/hashicorp/vault
Token leases could outlive their TTL in HashiCorp Vault in github.com/hashicorp/vault
Token leases could outlive their TTL in HashiCorp Vault in github.com/hashicorp/vault
GHSA
Token leases could outlive their TTL in HashiCorp Vault
ghsa·2022-05-24
CVE-2020-25816 [CRITICAL] CWE-613 Token leases could outlive their TTL in HashiCorp Vault
Token leases could outlive their TTL in HashiCorp Vault
HashiCorp Vault and Vault Enterprise 1.0 before 1.5.4 have Incorrect Access Control.
OSV
Token leases could outlive their TTL in HashiCorp Vault
osv·2022-05-24
CVE-2020-25816 [CRITICAL] Token leases could outlive their TTL in HashiCorp Vault
Token leases could outlive their TTL in HashiCorp Vault
HashiCorp Vault and Vault Enterprise 1.0 before 1.5.4 have Incorrect Access Control.
Red Hat
vault: Incorrect access control
vendor_redhat·2020-09-30·CVSS 6.8
CVE-2020-25816 [MEDIUM] CWE-284 vault: Incorrect access control
vault: Incorrect access control
HashiCorp Vault and Vault Enterprise versions 1.0 and newer allowed leases created with a batch token to outlive their TTL because expiration time was not scheduled correctly. Fixed in 1.4.7 and 1.5.4.
A flaw was found in HashiCorp Vault and Vault Enterprise. This flaw allows a remote attacker to bypass security restrictions caused by incorrect access control. By sending a specially crafted request, an attacker can bypass access restrictions.
Package: openshift4/ose-installer (Red Hat OpenShift Container Platform 4) - Not affected
Package: openshift4/topology-aware-lifecycle-manager-rhel8-operator (Red Hat OpenShift Container Platform 4) - Not affected
Package: ocs4/cephcsi-rhel8 (Red Hat Openshift Container Storage 4) - Out of support scope
Package: o
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-09-30
Published