CVE-2025-6013 — Improper Neutralization of Whitespace in Vault Enterprise

CWE-156 — Improper Neutralization of Whitespace7 documents4 sources

Severity

8.1HIGHNVD

EPSS

0.0%

top 90.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Hashicorp Vault Enterprise Github.com Hashicorp Vault Github.com Openbao Openbao +1 more

Timeline

PublishedAug 6

Latest updateAug 11

Description

Vault and Vault Enterprise’s (“Vault”) ldap auth method may not have correctly enforced MFA if username_as_alias was set to true and a user had multiple CNs that are equal but with leading or trailing spaces. Fixed in Vault Community Edition 1.20.2 and Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and 1.16.24.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 2.8 | Impact: 5.2

Affected Packages4 packages

▶CVEListV5hashicorp/vault_enterprise1.10.0 — 1.20.2

▶NVDhashicorp/vault1.10.0 — 1.20.2+5

▶Gogithub.com/hashicorp_vault< 1.20.2

▶Gogithub.com/openbao_openbao0.1.0 — 2.3.2+1

🔴Vulnerability Details

OSV

HashiCorp Vault ldap auth method may not have correctly enforced MFA in github.com/hashicorp/vault↗2025-08-11

▶

OSV

OpenBao LDAP MFA Enforcement Bypass When Using Username As Alias↗2025-08-08

▶

GHSA

OpenBao LDAP MFA Enforcement Bypass When Using Username As Alias↗2025-08-08

▶

OSV

HashiCorp Vault ldap auth method may not have correctly enforced MFA↗2025-08-06

▶

GHSA

HashiCorp Vault ldap auth method may not have correctly enforced MFA↗2025-08-06

▶

📋Vendor Advisories

Red Hat

github.com/hashicorp/vault: Vault LDAP MFA Bypass↗2025-08-06

▶