Vault Enterprise Namespace Crash <1.14.1 (CVE20233774)
CVE-2023-3774 Published on July 28, 2023
Vault Enterprise Namespace Creation May Lead to Denial of Service
An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9.
Weakness Type
Uncaught Exception
An exception is thrown from a function, but it is not caught. When an exception is not caught, it may cause the program to crash or expose sensitive information.
Products Associated with CVE-2023-3774
Want to know whenever a new CVE is published for HashiCorp Vault? stack.watch will email you.
Affected Versions
HashiCorp Vault Enterprise:- Version 1.14.0 is affected.
- Version 1.13.4 is affected.
- Version 1.12.8 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.