CVE-2025-4166: Information Exposure via Error Message in Hashicorp Vault

Severity: 6.5 MEDIUM (NVD)
NVD: 4.5
EPSS: 0.1% (top 65.00%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline:
  Published: May 2
  Latest update: Jun 26

Description

Vault Community and Vault Enterprise Key/Value (kv) Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is fixed in Vault Community 1.19.3 and Vault Enterprise 1.19.3, 1.18.9, 1.17.16, 1.16.20.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Exploitability: 2.8 | Impact: 3.6

Affected Packages (11 packages)

Source     | Package                      | Affected versions
NVD        | hashicorp/vault              | 0.3.0 to 1.16.20 (+4 more)
Go         | github.com/hashicorp_vault   | 0.3.0 to 1.19.3
CVEListV5  | openbao/openbao              | < 2.3.0
NVD        | openbao/openbao              | < 2.2.2 (+1 more)

Vulnerability Details (6)

GHSA | OpenBao Inserts Sensitive Information into Log File when processing malformed data | 2025-06-26
OSV  | OpenBao Inserts Sensitive Information into Log File when processing malformed data | 2025-06-26
OSV  | CVE-2025-52893: OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys | 2025-06-25
OSV  | Hashicorp Vault Community vulnerable to Generation of Error Message Containing Sensitive Information in github.com/hashicorp/vault | 2025-05-06
OSV  | Hashicorp Vault Community vulnerable to Generation of Error Message Containing Sensitive Information | 2025-05-02

Vendor Advisories (2)

Red Hat   | vault: Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin | 2025-05-02
Microsoft | Out-of-bounds Read in vim/vim | 2021-12-14