PT-2023-19853 · Hashicorp · Hashicorp Vault
Published 2023-03-10 · Updated 2025-05-26
CVE-2023-24999
CVSS v2.0: 8.5 (High)
Vector: AV:N/AC:L/Au:S/C:N/I:C/A:C
Name of the Vulnerable Software and Affected Versions
HashiCorp Vault and Vault Enterprise versions prior to 1.10.11
HashiCorp Vault and Vault Enterprise versions prior to 1.11.8
HashiCorp Vault and Vault Enterprise versions prior to 1.12.4
HashiCorp Vault and Vault Enterprise versions prior to 1.13.0
Description
The approle auth method in HashiCorp Vault and Vault Enterprise allowed any authenticated user with access to an approle destroy endpoint to destroy the secret ID of any other role by providing the secret ID accessor. This issue is related to the /auth/approle/role/:role_name/secret-id-accessor/destroy endpoint.
Recommendations
For versions prior to 1.10.11, update to version 1.10.11 or above.
For versions prior to 1.11.8, update to version 1.11.8 or above.
For versions prior to 1.12.4, update to version 1.12.4 or above.
For versions prior to 1.13.0, update to version 1.13.0 or above.
As a temporary workaround, consider restricting access to the /auth/approle/role/:role_name/secret-id-accessor/destroy endpoint until a patch is applied.
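A shell helper for the two actions above, added here and not part of the advisory or of HashiCorp's own tooling: it classifies a Vault version string against the four fixed releases listed in the recommendations, and prints a Vault policy that denies the workaround endpoint (the policy name deny-approle-sid-destroy is an assumption).

```shell
#!/bin/sh
# Added example, not code from the advisory or from HashiCorp. Two helpers:
#  - vault_affected: tells whether a Vault version string falls inside the
#    affected ranges listed above (fixed in 1.10.11, 1.11.8, 1.12.4, 1.13.0);
#  - approle_destroy_deny_policy: prints a Vault policy implementing the
#    temporary workaround. The policy name used below is an assumption.

# Exit status 0 = affected, 1 = fixed (unparseable input is reported as fixed,
# so callers should also sanity-check the string they pass in).
vault_affected() {
  ver=${1#v}; ver=${ver%%-*}; ver=${ver%%+*}    # drop "v", "-rc1", "+ent"
  major=${ver%%.*}; rest=${ver#*.}
  minor=${rest%%.*}; patch=${rest#*.}
  [ "$patch" = "$rest" ] && patch=0              # "1.12" means 1.12.0
  patch=${patch%%.*}
  for n in "$major" "$minor" "$patch"; do
    case "$n" in ''|*[!0-9]*) return 1 ;; esac
  done
  [ "$major" -gt 1 ] && return 1                 # 2.x and later: fixed
  [ "$major" -lt 1 ] && return 0                 # 0.x: prior to 1.10.11
  case "$minor" in
    10) [ "$patch" -lt 11 ] ;;
    11) [ "$patch" -lt 8 ] ;;
    12) [ "$patch" -lt 4 ] ;;
    *)  [ "$minor" -lt 10 ] ;;                   # <1.10 affected, >=1.13 fixed
  esac
}

# Workaround: deny the destroy endpoint for every role ("+" matches exactly one
# path segment). Load it with
#   approle_destroy_deny_policy | vault policy write deny-approle-sid-destroy -
# attach it to the auth roles/entities that could otherwise reach the path, and
# confirm the effective result with `vault token capabilities`.
approle_destroy_deny_policy() {
  cat <<'EOF'
path "auth/approle/role/+/secret-id-accessor/destroy" {
  capabilities = ["deny"]
}
EOF
}

# Demo on constructed version strings.
for v in 1.10.10 1.10.11 1.11.7 1.12.4 1.13.0 0.11.0; do
  if vault_affected "$v"; then echo "$v: affected"; else echo "$v: fixed"; fi
done
```

The deny policy also blocks legitimate use of the endpoint for the tokens it is attached to, which is the trade-off the workaround accepts until the fixed release is deployed.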
Weakness Enumeration
Incorrect Authorization
Related Identifiers
Affected Products
Hashicorp Vault
Red Os
Vault Enterprise