Name of the Vulnerable Software and Affected Versions:
Vault Community Edition versions 1.16.23, 1.18.12, and 1.19.7
Vault Enterprise versions 1.16.23, 1.18.12, and 1.19.7
Vault versions 1.20.0 and earlier
Description:
A privileged Vault operator within the root namespace with write permission to `sys/audit` may obtain code execution on the underlying host if a plugin directory is set in Vault’s configuration.
Recommendations:
Update to Vault Community Edition version 1.20.1 or later.
Update to Vault Enterprise version 1.20.1 or later.
Update to Vault version 1.19.7 or later.
Update to Vault version 1.18.12 or later.
Update to Vault version 1.16.23 or later.
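As an added example that is not part of the advisory, the Python below encodes the fixed releases from the Recommendations (1.20.1 and later, and the 1.19.7, 1.18.12 and 1.16.23 backports) so that an inventory of Vault versions can be triaged for unpatched hosts; the hostnames and versions in the sample inventory are constructed.

```python
"""Version triage for the Vault advisory above.

Encodes the fixed versions from the Recommendations section: 1.20.1 and
later, plus the 1.19.7, 1.18.12 and 1.16.23 backports, are patched;
any other release in the listed range is treated as affected.
"""
from typing import Dict, List, Tuple

# Fixed releases per maintenance branch, taken from the Recommendations.
FIXED_BY_BRANCH = {
    (1, 16): (1, 16, 23),
    (1, 18): (1, 18, 12),
    (1, 19): (1, 19, 7),
}
# Everything from this release onward is fixed on the main line.
FIXED_MAINLINE = (1, 20, 1)


def parse_version(version: str) -> Tuple[int, int, int]:
    """Parse strings such as 'v1.19.7+ent' or '1.20.0' into (major, minor, patch)."""
    core = version.lstrip("v").split("+", 1)[0].split("-", 1)[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Vault version: {version!r}")
    major, minor, patch = (int(p) for p in parts)
    return major, minor, patch


def is_patched(version: str) -> bool:
    """True if the version carries the fix according to the advisory."""
    v = parse_version(version)
    if v >= FIXED_MAINLINE:
        return True
    branch_fix = FIXED_BY_BRANCH.get(v[:2])
    return branch_fix is not None and v >= branch_fix


def triage(inventory: Dict[str, str]) -> List[str]:
    """Return the hosts (sorted) that still run an unpatched build."""
    return sorted(host for host, ver in inventory.items() if not is_patched(ver))


# Constructed sample inventory: hostnames and versions are made up.
SAMPLE_INVENTORY = {
    "vault-a": "1.20.0",
    "vault-b": "v1.20.1",
    "vault-c": "1.19.6+ent",
    "vault-d": "1.19.7",
    "vault-e": "1.17.3",
}

if __name__ == "__main__":
    print("unpatched:", triage(SAMPLE_INVENTORY))
```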