Vault Azure Auth Claims Validation Bypass (1.19.1+)
CVE-2025-3879 Published on May 2, 2025
Vault’s Azure Authentication Method bound_location Restriction Could be Bypassed on Login
Vault Community, Vault Enterprise (Vault) Azure Auth method did not correctly validate the claims in the Azure-issued token, resulting in the potential bypass of the bound_locations parameter on login. Fixed in Vault Community Edition 1.19.1 and Vault Enterprise 1.19.1, 1.18.7, 1.17.14, 1.16.18.
Weakness Type
What is an AuthZ Vulnerability?
The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
CVE-2025-3879 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2025-3879
Want to know whenever a new CVE is published for HashiCorp Vault? stack.watch will email you.
Affected Versions
HashiCorp Vault:- Version 0.10.0 and below 1.19.1 is affected.
- Version 0.10.0 and below 1.19.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.