CVE-2023-3462
published 2023-07-31CVE-2023-3462: HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. An attacker may submit requests of existent and…
PriorityP428medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
0.61%
44.9th percentile
HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. An attacker may submit requests of existent and non-existent LDAP users and observe the response from Vault to check if the account is valid on the LDAP server. This vulnerability is fixed in Vault 1.14.1 and 1.13.5.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | hashicorp_vault | >= 0 < 1.13.5 | 1.13.5 |
| github.com | hashicorp_vault | >= 1.14.0 < 1.14.1 | 1.14.1 |
| hashicorp | vault | — | — |
| hashicorp | vault | >= 1.13.0 < 1.13.5 | 1.13.5 |
| hashicorp | vault | 1.13.0 – 1.13.4 | — |
| hashicorp | vault_enterprise | — | — |
| hashicorp | vault_enterprise | 1.13.0 – 1.13.4 | — |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
vendor_redhat5.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault
osv·2024-08-20
CVE-2023-3462 HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault
OSV
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration
osv·2023-08-01
CVE-2023-3462 [MEDIUM] HashiCorp Vault and Vault Enterprise vulnerable to user enumeration
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration
HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. An attacker may submit requests of existent and non-existent LDAP users and observe the response from Vault to check if the account is valid on the LDAP server. This vulnerability is fixed in Vault 1.14.1 and 1.13.5.
GHSA
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration
ghsa·2023-08-01
CVE-2023-3462 [MEDIUM] CWE-203 HashiCorp Vault and Vault Enterprise vulnerable to user enumeration
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration
HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. An attacker may submit requests of existent and non-existent LDAP users and observe the response from Vault to check if the account is valid on the LDAP server. This vulnerability is fixed in Vault 1.14.1 and 1.13.5.
Red Hat
Hashicorp/vault: Vault’s LDAP Auth Method Allows for User Enumeration
vendor_redhat·2023-07-31·CVSS 5.3
CVE-2023-3462 [MEDIUM] CWE-203 Hashicorp/vault: Vault’s LDAP Auth Method Allows for User Enumeration
Hashicorp/vault: Vault’s LDAP Auth Method Allows for User Enumeration
HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. An attacker may submit requests of existent and non-existent LDAP users and observe the response from Vault to check if the account is valid on the LDAP server. This vulnerability is fixed in Vault 1.14.1 and 1.13.5.
A flaw was found in the HashiCorp Vault. The Vault and Vault Enterprise (“Vault”) LDAP auth method allows unauthenticated users to potentially enumerate valid accounts in the configured LDAP system by observing the response error when querying usernames.
Package: openshift-logging/logging-loki-rhel8 (Logging Subsystem for Red Hat OpenShift) - Not affected
Package: openshift4/topology-aware-lifecycle
No detection rules found.
No public exploits indexed.
2023-07-31
Published