6.8

CVE-2023-4680

HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.

Data is provided by the National Vulnerability Database (NVD)
HashicorpVault Version >= 1.6.0 < 1.12.11
HashicorpVault SwEditionenterprise Version >= 1.6.0 < 1.12.11
HashicorpVault Version >= 1.13.0 < 1.13.7
HashicorpVault SwEditionenterprise Version >= 1.13.0 < 1.13.7
HashicorpVault Version >= 1.14.0 < 1.14.3
HashicorpVault SwEditionenterprise Version >= 1.14.0 < 1.14.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 1.52% 0.806
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.8 1.6 5.2
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
security@hashicorp.com 6.8 1.6 5.2
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-323 Reusing a Nonce, Key Pair in Encryption

Nonces should be used for the present occasion and only once.