CVE-2021-42135
Published 2021-10-11
Priority: P3 · 42 · High · 8.1 (CVSS 3.1)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS: 0.76% (50.5th percentile)
HashiCorp Vault and Vault Enterprise 1.8.x through 1.8.4 may have an unexpected interaction between glob-related policies and the Google Cloud secrets engine. Users may, in some situations, have more privileges than intended, e.g., a user with read permission for the /gcp/roleset/* path may be able to issue Google Cloud service account credentials.
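The policy interaction described above is easiest to see by evaluating Vault's path-matching rules against the credential endpoints. The following is an added example, not code from this page or from HashiCorp: it parses two constructed policies (an over-broad one granting `read` on `gcp/roleset/*`, and a tightened one using the single-segment `+` wildcard), re-implements Vault's trailing-`*` prefix and `+` segment matching, and reports which credential-issuing endpoints a policy holder can reach. The endpoint names `gcp/roleset/<name>/token` and `gcp/roleset/<name>/key`, the list endpoint `gcp/rolesets`, the roleset name and the policies themselves are assumptions for illustration.

```python
import re

# Constructed sample policies (not from the advisory or from HashiCorp).
# The operator's intent here is "let this team read roleset configuration".
OVERBROAD_POLICY = """
path "gcp/roleset/*" {
  capabilities = ["read"]
}
"""

# Tightened form: "+" matches exactly one path segment, so the rule covers
# gcp/roleset/<name> but nothing nested underneath it.
# "gcp/rolesets" is assumed here to be the mount's list endpoint.
TIGHTENED_POLICY = """
path "gcp/roleset/+" {
  capabilities = ["read"]
}
path "gcp/rolesets" {
  capabilities = ["list"]
}
"""

# Capabilities that let a caller hit an endpoint with GET or POST and so
# obtain a credential from it.
ISSUING_CAPS = {"read", "create", "update"}

_RULE_RE = re.compile(
    r'path\s+"([^"]+)"\s*\{\s*capabilities\s*=\s*\[([^\]]*)\]\s*\}', re.S
)


def parse_policy(hcl: str):
    """Minimal parser for Vault policy HCL: returns [(path_pattern, {caps})].

    Only the `path "..." { capabilities = [...] }` form is handled, which is
    enough for auditing capability grants.
    """
    rules = []
    for pattern, caps in _RULE_RE.findall(hcl):
        rules.append((pattern, set(re.findall(r'"([^"]+)"', caps))))
    return rules


def vault_path_matches(pattern: str, path: str) -> bool:
    """Vault policy path matching: a trailing '*' is a prefix match and a '+'
    segment matches exactly one path segment. Everything else is literal.
    """
    prefix = pattern.endswith("*")
    if prefix:
        pattern = pattern[:-1]
    pat_segs = pattern.split("/")
    path_segs = path.split("/")
    if prefix:
        # Every segment before the last must match; the last is a raw string
        # prefix of whatever remains of the request path.
        if len(path_segs) < len(pat_segs):
            return False
        for want, got in zip(pat_segs[:-1], path_segs):
            if want != "+" and want != got:
                return False
        rest = "/".join(path_segs[len(pat_segs) - 1:])
        return rest.startswith(pat_segs[-1])
    if len(pat_segs) != len(path_segs):
        return False
    return all(w == "+" or w == g for w, g in zip(pat_segs, path_segs))


def credential_paths_reachable(policy_hcl: str, roleset: str = "example-roleset",
                               mount: str = "gcp"):
    """Return the credential-issuing endpoints under the roleset path that a
    holder of this policy can call.

    The endpoint names <mount>/roleset/<name>/token and /key are assumed from
    the advisory's description. The check is deliberately conservative: it
    ignores Vault's rule-priority and explicit-deny resolution and flags any
    granting rule that matches, so a hit means "review this policy".
    """
    endpoints = [f"{mount}/roleset/{roleset}/token",
                 f"{mount}/roleset/{roleset}/key"]
    reachable = set()
    for pattern, caps in parse_policy(policy_hcl):
        if not caps & ISSUING_CAPS:
            continue
        for ep in endpoints:
            if vault_path_matches(pattern, ep):
                reachable.add(ep)
    return reachable


if __name__ == "__main__":
    for name, policy in (("over-broad", OVERBROAD_POLICY),
                         ("tightened", TIGHTENED_POLICY)):
        hits = credential_paths_reachable(policy)
        print(f"{name}: {'REVIEW ' + str(sorted(hits)) if hits else 'ok'}")
```

Run it against your own exported policies (`vault policy read <name>` output) to find prefix globs under a GCP mount's `roleset/` path that carry read, create or update capabilities; those are the grants that reach the credential endpoints on affected 1.8.x versions.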
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | hashicorp_vault | >= 1.8.0 < 1.8.5 | 1.8.5 |
| github.com | hashicorp_vault | 1.8.0 – 1.8.4 | — |
| hashicorp | vault | 1.8.0 – 1.8.4 | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
| NVD | 2.0 | 4.9 | MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:N |
| Red Hat (vendor) | n/a | 8.1 | HIGH | n/a |
OSV (2024-08-21): CVE-2021-42135 Incorrect Privilege Assignment in HashiCorp Vault in github.com/hashicorp/vault
OSV (2021-10-12): CVE-2021-42135 [HIGH] Incorrect Privilege Assignment in HashiCorp Vault
(Description identical to the summary above.)
GHSA (2021-10-12): CVE-2021-42135 [HIGH] CWE-266 Incorrect Privilege Assignment in HashiCorp Vault
(Description identical to the summary above.)
Red Hat (2021-10-11, CVSS 8.1): CVE-2021-42135 [HIGH] CWE-863 vault: Google Cloud credential disclosure
(Description identical to the summary above.)
A flaw was found in HashiCorp Vault. Affected versions may have an unexpected interaction between glob-related policies and the Google Cloud secrets engine. In some situations, users may have more privileges than intended.
Statement: This vulnerability is related to Vault's Google Cloud secrets engine documentation update. Vault operators using the Google Cloud secrets engine should review
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://discuss.hashicorp.com/t/hcsec-2021-28-vaults-google-cloud-secrets-engine-policies-with-globs-may-provide-additional-privileges-in-vault-1-8-0-onwards/
Published: 2021-10-11