SB2020033005 - Multiple vulnerabilities in HashiCorp Vault and Vault Enterprise

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-10661)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to the affected software may have existing nested-path policies grant access to Namespaces created after-the-fact. A remote attacker can gain elevated privileges on the target system.

2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-10660)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to, under certain circumstances, an Entity's Group membership inadvertently includes Groups the Entity no longer has permissions to. A remote authenticated attacker can gain elevated privileges on the target system.

Remediation

Install update from vendor's website.

References

• https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#134-march-19th-2020
• https://www.hashicorp.com/blog/category/vault/
• https://github.com/hashicorp/vault/commit/18485ee9d4352ac8e8396c580b5941ccf8e5b31a