CVE-2025-5999

High CVSS: 7.2

A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s token privileges to Vault’s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22.

Vendor

Hashicorp

Product

Vault

CWE

CWE-266

Yayın Tarihi

2025-08-01 18:15:56

Güncelleme

2025-08-13 18:08:26

Source Identifier

security@hashicorp.com

KEV Date Added

Kategoriler

CWE-266 Vault HIGH Hashicorp 2025

Referanslar

https://discuss.hashicorp.com/t/hcsec-2025-13-vault-root-namespace-operator-may-elevate-token-privileges/76032

Benzer Kayıtlar

High

CVE-2025-13357

Vault’s Terraform Provider incorrectly set the default deny_null_bind parameter for the LDAP auth method to false by def…

Medium

CVE-2025-13432

Terraform state versions can be created by a user with specific but insufficient permissions in a Terraform Enterprise w…

Medium

CVE-2025-11374

Consul and Consul Enterprise’s (“Consul”) key/value endpoint is vulnerable to denial of service (DoS) due to incorrect C…

Medium

CVE-2025-11375

Consul and Consul Enterprise’s (“Consul”) event endpoint is vulnerable to denial of service (DoS) due to lack of maximum…

High

CVE-2025-12044

Vault and Vault Enterprise (“Vault”) are vulnerable to an unauthenticated denial of service when processing JSON payload…

High

CVE-2025-11621

Vault and Vault Enterprise’s (“Vault”) AWS Auth method may be susceptible to authentication bypass if the role of the co…