PT-2024-7690 · Hashicorp · Hashicorp Vault Enterprise

Published: 2024-10-10 · Updated: 2024-12-28

CVE-2024-9180

CVSS v4.0: 8.6 (High)
Vector: AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
HashiCorp Vault (Community Edition) versions prior to 1.18.0
HashiCorp Vault Enterprise versions prior to 1.18.0, 1.17.7, 1.16.11, and 1.15.16

Description
A privileged Vault operator with write permissions to the root namespace's identity endpoint (identity/) could escalate their own or another user's privileges to Vault's root policy. The vector's PR:H reflects that an already-privileged operator is required; the impact is nonetheless full root over the Vault cluster, since the root policy bypasses all ACL checks.

Recommendations
For HashiCorp Vault Community Edition prior to 1.18.0, update to 1.18.0 or later. For HashiCorp Vault Enterprise prior to 1.18.0, update to 1.18.0, 1.17.7, 1.16.11, or 1.15.16 (whichever matches your release line) or later. If you cannot upgrade immediately, restrict write capabilities (create, update, patch, delete) on the root namespace's identity endpoint to the smallest possible set of operators, and review existing ACL policies for rules that grant those capabilities on identity/ paths.
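Two checks an operator might run against this advisory, added here as an example and not HashiCorp's code: whether a given Vault build falls inside the affected version ranges listed above, and which rules in a Vault ACL policy grant write-capable access to the root namespace's identity endpoint (the grants the workaround says to restrict). The HCL handling is a small regex reader for plain `path "..." { capabilities = [...] }` blocks rather than a full HCL parser, the sample policy is constructed, and the list of representative identity sub-paths is an assumption drawn from Vault's identity API layout.

```python
"""Added example for CVE-2024-9180 (not HashiCorp's code).

vault_affected(): is a build inside the affected ranges on this page?
find_identity_write_grants(): which policy rules can write under identity/?
SAMPLE_POLICY is constructed; the HCL reader handles only simple path blocks.
"""
import re

# Fixed releases from the advisory. Enterprise has backport lines; CE only 1.18.0.
FIXED_CE = [(1, 18, 0)]
FIXED_ENT = [(1, 15, 16), (1, 16, 11), (1, 17, 7), (1, 18, 0)]

# Capabilities that can change identity objects. "sudo"/"root" are included
# because they imply write on the paths they are granted for.
WRITE_CAPS = {"create", "update", "patch", "delete", "sudo", "root"}

# Representative root-namespace identity request paths used to test whether a
# policy path glob reaches the identity endpoint (assumed from Vault's identity
# API layout; extend if you rely on other identity/ sub-paths).
IDENTITY_SAMPLE_PATHS = (
    "identity/entity", "identity/entity/id/x", "identity/entity/name/x",
    "identity/group", "identity/group/id/x", "identity/group/name/x",
)

PATH_BLOCK = re.compile(r'path\s+"(?P<path>[^"]+)"\s*\{(?P<body>.*?)\}', re.S)
CAPS_LIST = re.compile(r'capabilities\s*=\s*\[(?P<caps>[^\]]*)\]')


def parse_version(version):
    """'1.16.10+ent' or 'v1.17.6' -> (1, 16, 10) / (1, 17, 6)."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised Vault version: {version!r}")
    return tuple(int(x) for x in m.groups())


def vault_affected(version, enterprise=False):
    """True if this build predates the fix for its release line.

    Enterprise: 1.15.x < 1.15.16, 1.16.x < 1.16.11, 1.17.x < 1.17.7, and any
    other line below 1.18.0. Community Edition: anything below 1.18.0.
    """
    ver = parse_version(version)
    fixed = FIXED_ENT if enterprise else FIXED_CE
    same_line = [f for f in fixed if f[:2] == ver[:2]]
    if same_line:
        return ver < same_line[0]
    return ver < max(fixed)


def glob_to_regex(policy_path):
    """Vault ACL path globs: a trailing '*' matches any suffix and '+' matches
    exactly one path segment; everything else is literal."""
    pattern = re.escape(policy_path)
    if pattern.endswith(r"\*"):
        pattern = pattern[:-2] + ".*"
    pattern = pattern.replace(r"\+", "[^/]+")
    return re.compile(pattern)


def reaches_identity(policy_path):
    """Does this policy path cover any identity sample path? Namespace-prefixed
    paths such as 'team-a/identity/*' do not: the advisory is about root."""
    rx = glob_to_regex(policy_path)
    return any(rx.fullmatch(p) for p in IDENTITY_SAMPLE_PATHS)


def find_identity_write_grants(policy_hcl):
    """Return [(path, [write caps])] for rules that can write under identity/.

    This flags individual rules, not effective access: Vault applies the most
    specific matching path, so a broad deny on identity/* does not cancel a
    narrower grant on identity/entity/*; each grant must be removed itself.
    """
    hits = []
    for block in PATH_BLOCK.finditer(policy_hcl):
        path = block.group("path")
        m = CAPS_LIST.search(block.group("body"))
        caps = set(re.findall(r'"([^"]+)"', m.group("caps"))) if m else set()
        if "deny" in caps:
            continue
        writes = caps & WRITE_CAPS
        if writes and reaches_identity(path):
            hits.append((path, sorted(writes)))
    return hits


SAMPLE_POLICY = '''
# Constructed sample "ops" policy: the two identity grants are what to cut back.
path "secret/data/*" {
  capabilities = ["create", "read", "update", "delete", "list"]
}
path "identity/entity/*" {
  capabilities = ["create", "update", "read", "list"]
}
path "identity/group/name/+" {
  capabilities = ["update"]
}
path "identity/entity-alias/*" {
  capabilities = ["deny"]
}
path "team-a/identity/*" {
  capabilities = ["create", "update"]
}
path "sys/policies/acl/*" {
  capabilities = ["read", "list"]
}
'''

if __name__ == "__main__":
    for build, ent in (("1.16.10+ent", True), ("1.16.11+ent", True), ("1.16.11", False)):
        print(f"{build:>12} enterprise={ent}: affected={vault_affected(build, ent)}")
    for path, caps in find_identity_write_grants(SAMPLE_POLICY):
        print(f"review: {path!r} grants {caps}")
```

Feed it the output of `vault policy read <name>` for each policy; anything it reports on a Community Edition or Enterprise build that `vault_affected()` marks as affected is a grant to trim until the upgrade lands. The scan is a triage aid only: it does not evaluate entity and group policy inheritance, and upgrading remains the actual fix.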

Weakness Enumeration

Incorrect Privilege Assignment (CWE-266)

Related Identifiers

ALT-PU-2024-17120
ALT-PU-2024-17177
ALT-PU-2024-17272
ALT-PU-2024-17791
BDU:2024-09147
BIT-VAULT-2024-9180
CVE-2024-9180
GHSA-RR8J-7W34-XP5J
GO-2024-3191
OPENSUSE-SU-2024:0350-1
OPENSUSE-SU-2024:14447-1
OPENSUSE-SU-2024_3911-1
SUSE-SU-2024:3911-1

Affected Products

Alt Linux
Hashicorp Vault
Hashicorp Vault Enterprise
Red Os
Suse