HashiCorp Vault 1.x PKI Mount Auth Bypass (CVE-2023-0665)
CVE-2023-0665 Published on March 30, 2023
Vault PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata
HashiCorp Vault's PKI mount issuer endpoints did not correctly authorize access to remove an issuer or modify issuer metadata, potentially resulting in denial of service of the PKI mount. This bug did not affect public or private key material, trust chains or certificate issuance. Fixed in Vault 1.13.1, 1.12.5, and 1.11.9.
Vulnerability Analysis
CVE-2023-0665 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, with no impact on integrity and availability.
Weakness Type
What is an AuthZ Vulnerability?
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
CVE-2023-0665 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2023-0665
Want to know whenever a new CVE is published for HashiCorp Vault? stack.watch will email you.
Affected Versions
HashiCorp Vault:- Version 1.13.0 and below 1.13.1 is affected.
- Version 1.12.0 and below 1.12.5 is affected.
- Version 1.11.0 and below 1.11.9 is affected.
- Version 1.13.0 and below 1.13.1 is affected.
- Version 1.12.0 and below 1.12.5 is affected.
- Version 1.11.0 and below 1.11.9 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.