PT-2025-35133 · HashiCorp · Vault Community Edition
Darrell Bethea · Published 2025-08-28 · Updated 2025-12-18
CVE-2025-6203
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
HashiCorp Vault versions prior to 1.20.3
HashiCorp Vault Enterprise versions prior to 1.19.9, 1.18.14, and 1.16.25 (on the respective release branches)
Description
A malicious user can submit a specially crafted payload that results in excessive memory and CPU consumption, potentially leading to a timeout in Vault’s auditing subroutine and causing the server to become unresponsive. Approximately 123,600 services are potentially exposed worldwide. Over 29,800 vulnerable instances have been identified.
Recommendations
HashiCorp Vault versions prior to 1.20.3 should be upgraded to version 1.20.3 or later.
HashiCorp Vault Enterprise versions prior to 1.19.9 should be upgraded to version 1.19.9 or later.
HashiCorp Vault Enterprise versions prior to 1.18.14 should be upgraded to version 1.18.14 or later.
HashiCorp Vault Enterprise versions prior to 1.16.25 should be upgraded to version 1.16.25 or later.
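The fix matrix above is easy to misread when an inventory mixes Community Edition and Enterprise builds on several branches. The following is an added example, not code from HashiCorp or from this advisory, that classifies a Vault version string against exactly the versions listed here; it assumes the string is the "version" field reported by `vault status -format=json` or `GET /v1/sys/health`, where Enterprise builds carry a `+ent` suffix (e.g. `1.19.5+ent`, `1.18.10+ent.hsm`).

```python
"""Classify a HashiCorp Vault version against the CVE-2025-6203 fix matrix
in this advisory. Added example, not code from HashiCorp or the advisory
author. Assumes the version string is the "version" field of
`vault status -format=json` or GET /v1/sys/health, where Enterprise builds
carry a "+ent" suffix (e.g. "1.19.5+ent", "1.18.10+ent.hsm")."""
import re

# Fix versions exactly as the advisory's Recommendations list them.
FIXED_MAINLINE = (1, 20, 3)            # "versions prior to 1.20.3" (any edition)
ENT_BACKPORTS = {                      # Enterprise-only backports, per branch
    (1, 19): (1, 19, 9),
    (1, 18): (1, 18, 14),
    (1, 16): (1, 16, 25),
}
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:\+(.*))?$")


def parse_version(text):
    """Return ((major, minor, patch), is_enterprise); reject anything else."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Vault version string: {text!r}")
    nums = tuple(int(x) for x in m.group(1, 2, 3))
    return nums, (m.group(4) or "").startswith("ent")


def is_affected(text):
    """True when the advisory lists no fix at or below this version."""
    nums, enterprise = parse_version(text)
    if nums >= FIXED_MAINLINE:
        return False                   # 1.20.3+ carries the fix in both editions
    if enterprise:
        fixed = ENT_BACKPORTS.get(nums[:2])
        if fixed is not None and nums >= fixed:
            return False               # backported fix on this Enterprise branch
    return True                        # CE below 1.20.3, or Enterprise without a backport


def recommended_fix(text):
    """Smallest upgrade target from the Recommendations for this install."""
    nums, enterprise = parse_version(text)
    if enterprise and nums[:2] in ENT_BACKPORTS:
        return "%d.%d.%d" % ENT_BACKPORTS[nums[:2]]
    return "%d.%d.%d" % FIXED_MAINLINE


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for host, ver in [("vault-a", "1.20.2"), ("vault-b", "1.19.8+ent"),
                      ("vault-c", "1.16.25+ent.hsm"), ("vault-d", "1.19.9")]:
        state = "AFFECTED -> upgrade to " + recommended_fix(ver) if is_affected(ver) else "ok"
        print(f"{host:8} {ver:16} {state}")
```

Note that a Community Edition build on 1.19.x is still reported as affected: the branch backports listed here exist only for Enterprise, so the only fixed Community release is 1.20.3 or later.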
Tags: Fix, DoS, Allocation of Resources Without Limits, Resource Exhaustion
Affected Products
RED OS
Vault Community Edition
Vault Enterprise