CVE-2022-30689 is a vulnerability in HashiCorp Vault
Published on May 17, 2022
HashiCorp Vault and Vault Enterprise from 1.10.0 to 1.10.2 did not correctly configure and enforce MFA on login after server restarts. This affects the Login MFA feature introduced in Vault and Vault Enterprise 1.10.0 and does not affect the separate Enterprise MFA feature set. Fixed in 1.10.3.
Products Associated with CVE-2022-30689
Want to know whenever a new CVE is published for HashiCorp Vault? stack.watch will email you.
Exploit Probability
EPSS
0.36%
Percentile
57.74%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.