HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.
References
Configurations
Configuration 1 (hide)
|
History
26 Sep 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-323 |
20 Sep 2023, 14:55
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-20 | |
First Time |
Hashicorp vault
Hashicorp |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
CPE | cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:* cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:* |
|
References | (MISC) https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249 - Vendor Advisory |
15 Sep 2023, 00:31
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-15 00:15
Updated : 2024-09-26 17:15
NVD link : CVE-2023-4680
Mitre link : CVE-2023-4680
CVE.ORG link : CVE-2023-4680
JSON object : View
Products Affected
hashicorp
- vault