PT-2024-5874 · HashiCorp · Vault Enterprise

Published: 2024-07-11 · Updated: 2025-08-13 · CVE-2024-6468

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions

Vault and Vault Enterprise versions prior to 1.15.12
Vault and Vault Enterprise versions prior to 1.16.6
Vault and Vault Enterprise versions prior to 1.17.2

Description

The issue is caused by improper handling of requests that originate from unauthorized IP addresses when the TCP listener's proxy protocol behavior option (proxy_protocol_behavior) is set to deny unauthorized (deny_unauthorized). Such a request can cause the Vault API server to shut down and stop responding to any HTTP requests, potentially resulting in denial of service. The estimated number of potentially affected devices worldwide is not available.

Recommendations

For Vault and Vault Enterprise versions prior to 1.15.12, update to version 1.15.12 or later. For versions prior to 1.16.6, update to version 1.16.6 or later. For versions prior to 1.17.2, update to version 1.17.2 or later. As a temporary workaround, consider disabling the deny unauthorized option for the proxy protocol behavior until a patch is available. Restrict network access to the Vault API server to minimize the risk of exploitation. Avoid using the proxy protocol authorized addrs variable (proxy_protocol_authorized_addrs) in the affected TCP listener until the issue is resolved.

Fix

DoS

Weakness Enumeration

Related Identifiers

ALT-PU-2024-17120
ALT-PU-2024-17177
ALT-PU-2024-17272
ALT-PU-2024-17791
BDU:2024-06667
BIT-VAULT-2024-6468
CVE-2024-6468
GHSA-2QMW-PVF7-4MW6
GO-2024-2982

Affected Products

Alt Linux
Red Os
Vault
Vault Enterprise