Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate. In this configuration, an attacker may be able to craft a malicious certificate that could be used to bypass authentication. Fixed in Vault 1.15.5 and 1.14.10.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| github.com/hashicorp/vault(Go) | 1.15.0 | 1.15.5 | N/A |
| github.com/hashicorp/vault(Go) | 0 | 1.14.10 | N/A |
CVSS Metrics
