PT-2025-31678 · Hashicorp · Vault Enterprise
Yarden Porat · Published 2025-08-01 · Updated 2025-10-01
CVE-2025-6004
CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Vault versions prior to 1.20.1
Vault Enterprise versions prior to 1.20.1, 1.19.7, 1.18.12, and 1.16.23
Description
The user lockout feature in Vault and Vault Enterprise could be bypassed for Userpass and LDAP authentication methods.
Recommendations
Update to Vault Community Edition version 1.20.1 or later.
Update to Vault Enterprise version 1.20.1, 1.19.7, 1.18.12, or 1.16.23 or later.
Fix
Improper Restriction of Excessive Authentication Attempts
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Red Os
Vault
Vault Enterprise