CVE-2021-41802 — Incorrect Permission Assignment in Hashicorp Vault

CWE-732 — Incorrect Permission Assignment CWE-269 — Improper Privilege Management5 documents4 sources

Severity

5.4MEDIUMNVD

EPSS

0.3%

top 51.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Github.com Hashicorp Vault Hashicorp Vault

Timeline

PublishedOct 8

Latest updateAug 21

Description

HashiCorp Vault and Vault Enterprise through 1.7.4 and 1.8.3 allowed a user with write permission to an entity alias ID sharing a mount accessor with another user to acquire this other user’s policies by merging their identities. Fixed in Vault and Vault Enterprise 1.7.5 and 1.8.4.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages2 packages

▶NVDhashicorp/vault1.8.0 — 1.8.4+1

▶Gogithub.com/hashicorp_vault1.8.0 — 1.8.4+1

🔴Vulnerability Details

OSV

Hashicorp Vault Privilege Escalation Vulnerability in github.com/hashicorp/vault↗2024-08-21

▶

OSV

Hashicorp Vault Privilege Escalation Vulnerability↗2021-10-12

▶

GHSA

Hashicorp Vault Privilege Escalation Vulnerability↗2021-10-12

▶

📋Vendor Advisories

Red Hat

vault: Incorrect Permission Assignment for Critical Resource↗2021-10-08

▶