Vault: DoS via Raft join API (before 1.18.1)
CVE-2024-8185 Published on October 31, 2024
Vault Vulnerable to Denial of Service When Processing Raft Join Requests
Vault Community and Vault Enterprise (Vault) clusters using Vault's Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion via a Raft cluster join API endpoint. An attacker may send a large volume of requests to the endpoint, which may cause Vault to consume excessive system memory, potentially leading to a crash of the underlying system and of the Vault process itself.
This vulnerability, CVE-2024-8185, is fixed in Vault Community 1.18.1 and Vault Enterprise 1.18.1, 1.17.8, and 1.16.12.
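As an added defender-side example (not code from the advisory or from HashiCorp): a small detector that flags a source address sending an abnormal burst of Raft join requests in Vault's JSON audit log, which is the traffic pattern the advisory describes. It assumes the join endpoint is logged under the path `sys/storage/raft/join` and that entries carry `request.path` and `request.remote_address` fields; the audit lines below are constructed.

```python
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Path under which the Raft join endpoint is assumed to appear in audit entries
# (assumption: the advisory names no path).
RAFT_JOIN_PATH = "sys/storage/raft/join"

# Constructed sample audit lines in Vault's JSON audit format (assumed field
# names: time, type, request.path, request.remote_address).
SAMPLE_AUDIT_LINES = [
    json.dumps({"time": f"2024-10-31T12:00:{s:02d}Z", "type": "request",
                "request": {"operation": "update", "path": RAFT_JOIN_PATH,
                            "remote_address": "203.0.113.7"}})
    for s in range(30)   # 30 join requests in 30 seconds from one address
] + [
    json.dumps({"time": "2024-10-31T12:00:05Z", "type": "request",
                "request": {"operation": "update", "path": RAFT_JOIN_PATH,
                            "remote_address": "10.0.0.12"}}),  # one normal join
    json.dumps({"time": "2024-10-31T12:00:06Z", "type": "request",
                "request": {"operation": "read", "path": "secret/data/app",
                            "remote_address": "203.0.113.7"}}),  # unrelated path
]


def parse_time(ts: str) -> datetime:
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")


def find_join_bursts(lines, threshold=10, window_seconds=60):
    """Return {remote_address: peak_count} for every address that issued more
    than `threshold` Raft join requests inside any sliding window of
    `window_seconds`. Entries are assumed chronological per source address."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # address -> join timestamps still in window
    peaks = {}
    for line in lines:
        entry = json.loads(line)
        req = entry.get("request", {})
        if entry.get("type") != "request" or req.get("path") != RAFT_JOIN_PATH:
            continue  # only join requests count toward the burst
        src = req.get("remote_address", "unknown")
        t = parse_time(entry["time"])
        q = recent[src]
        q.append(t)
        while q and t - q[0] > window:
            q.popleft()  # drop timestamps that fell out of the window
        if len(q) > threshold:
            peaks[src] = max(peaks.get(src, 0), len(q))
    return peaks
```

Sources returned by `find_join_bursts` are candidates for rate limiting or blocking at the load balancer while the cluster is being upgraded to a fixed release.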
Weakness Type
What is a Failing Open Vulnerability?
When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions. By entering a less secure state, the product inherits the weaknesses associated with that state, making it easier to compromise. At the least, it causes administrators to have a false sense of security. This weakness typically occurs as a result of wanting to "fail functional" to minimize administration and support costs, instead of "failing safe."
CVE-2024-8185 has been classified as a Failing Open vulnerability or weakness.
Products Associated with CVE-2024-8185
Affected Versions
HashiCorp Vault:
- Versions from 1.2.0 up to, but not including, 1.18.1 are affected.
- Version 1.17.8 is unaffected.
- Version 1.16.12 is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.