PT-2025-31678 · HashiCorp · Vault Enterprise, Vault

Yarden Porat · Published 2025-08-01 · Updated 2025-08-01 · CVE-2025-6004

CVSS v3.1: 5.3
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions:

Vault versions prior to 1.20.1

Vault Enterprise versions prior to 1.20.1, 1.19.7, 1.18.12, and 1.16.23

Description:

The user lockout feature in Vault and Vault Enterprise could be bypassed for Userpass and LDAP authentication methods.

Recommendations:

Update to Vault Community Edition version 1.20.1 or later.

Update to Vault Enterprise version 1.20.1, 1.19.7, 1.18.12, or 1.16.23 or later.

Fix

Weakness Enumeration

Improper Restriction of Excessive Authentication Attempts

Related Identifiers

CVE-2025-6004
GHSA-QGJ7-FMQ2-6CC4

Affected Products

Vault
Vault Enterprise