CVE-2023-4680
published 2023-09-15CVE-2023-4680: HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The…
PriorityP342medium6.8CVSS 3.1
AVNACHPRLUINSUCHIHAN
EPSS
0.37%
28.6th percentile
HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | hashicorp_vault | >= 1.13.0 < 1.13.7 | 1.13.7 |
| github.com | hashicorp_vault | >= 1.14.0 < 1.14.3 | 1.14.3 |
| github.com | hashicorp_vault | >= 1.6.0 < 1.12.11 | 1.12.11 |
| hashicorp | vault | >= 1.12.0 < 1.12.11 | 1.12.11 |
| hashicorp | vault | >= 1.13.0 < 1.13.7 | 1.13.7 |
| hashicorp | vault | >= 1.14.0 < 1.14.3 | 1.14.3 |
| hashicorp | vault | >= 1.6.0 < 1.12.0 | 1.12.0 |
| hashicorp | vault | >= 1.6.0 < 1.12.11 | 1.12.11 |
| hashicorp | vault_enterprise | >= 1.12.0 < 1.12.11 | 1.12.11 |
| hashicorp | vault_enterprise | >= 1.13.0 < 1.13.7 | 1.13.7 |
| hashicorp | vault_enterprise | >= 1.14.0 < 1.14.3 | 1.14.3 |
| hashicorp | vault_enterprise | >= 1.6.0 < 1.12.0 | 1.12.0 |
CVSS provenance
nvdv3.16.8MEDIUMCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
vault: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault
vendor_redhat·2023-11-06·CVSS 6.8
CVE-2023-4680 [MEDIUM] CWE-20 vault: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault
vault: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault
HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.
A flaw was found in HashiCorp Vault and Vault Enterprise, where the transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to d
OSV
HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault
osv·2024-08-21
CVE-2023-4680 HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault
HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault
HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault
OSV
HashiCorp Vault Improper Input Validation vulnerability
osv·2023-09-15
CVE-2023-4680 [MEDIUM] HashiCorp Vault Improper Input Validation vulnerability
HashiCorp Vault Improper Input Validation vulnerability
HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.
GHSA
HashiCorp Vault Improper Input Validation vulnerability
ghsa·2023-09-15
CVE-2023-4680 [MEDIUM] CWE-20 HashiCorp Vault Improper Input Validation vulnerability
HashiCorp Vault Improper Input Validation vulnerability
HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-09-15
Published