CVE-2023-3462 — Observable Discrepancy in Hashicorp Vault

CWE-203 — Observable Discrepancy6 documents5 sources

Severity

5.3MEDIUMNVD

EPSS

1.0%

top 22.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Github.com Hashicorp Vault Hashicorp Vault Hashicorp Vault Enterprise

Timeline

PublishedJul 31

Latest updateAug 20

Description

HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. An attacker may submit requests of existent and non-existent LDAP users and observe the response from Vault to check if the account is valid on the LDAP server. This vulnerability is fixed in Vault 1.14.1 and 1.13.5.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages4 packages

▶CVEListV5hashicorp/vault_enterprise1.13.0 — 1.13.4+1

▶NVDhashicorp/vault1.13.0 — 1.13.5+1

▶Gogithub.com/hashicorp_vault1.14.0 — 1.14.1+1

▶CVEListV5hashicorp/vault1.13.0 — 1.13.4

🔴Vulnerability Details

OSV

HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault↗2024-08-20

▶

OSV

HashiCorp Vault and Vault Enterprise vulnerable to user enumeration↗2023-08-01

▶

GHSA

HashiCorp Vault and Vault Enterprise vulnerable to user enumeration↗2023-08-01

▶

📋Vendor Advisories

Red Hat

Hashicorp/vault: Vault’s LDAP Auth Method Allows for User Enumeration↗2023-07-31

▶

💬Community

Bugzilla

CVE-2023-52578 kernel: net: bridge: data races indata-races in br_handle_frame_finish()↗2024-03-04

▶