Main Vulnerability Database Vulnerabilities #VU68254

Improper Authentication in Vault and Vault Enterprise - CVE-2022-41316

Published: October 12, 2022

Vulnerability identifier: #VU68254

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2022-41316

CWE-ID: CWE-287

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: HashiCorp

Affected software:
Vault
Vault Enterprise

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in the Certificate Revocation Lists (CRLs) implementation, which prevented Vault from denying access to users with revoked certificates without application reboot. As a result, when using TLS certificate authentication, Vault did not correctly perform CRL revocation checks if login occurred between Vault startup (or invalidation) and a manual retrieval of the CRL, allowing users to continue using the application with revoked certificates.

How to mitigate CVE-2022-41316

Install updates from vendor's website.

Sources

https://discuss.hashicorp.com/t/hcsec-2022-24-vaults-tls-cert-auth-method-only-loaded-crl-after-first-request/45483

Improper Authentication in Vault and Vault Enterprise - CVE-2022-41316

Detailed vulnerability description

How to mitigate CVE-2022-41316

Sources

Please verify you're human