#VU66116 Permissions, Privileges, and Access Controls in Vault Enterprise and Vault - CVE-2021-45042

Cybersecurity Help s.r.o.

Published: 2022-08-04

Vulnerability identifier: #VU66116

Vulnerability risk: Low

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-45042

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Vault Enterprise
Web applications / Modules and components for CMS
Vault
Web applications / Modules and components for CMS

Vendor: HashiCorp

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly impose security restrictions in clusters using the Integrated Storage backend. A remote user with write permissions to a kv secrets engine can cause a panic and denial of service of the storage backend.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Vault Enterprise: 1.4.0 - 1.4.7, 1.5.0 - 1.5.9, 1.6.0 - 1.6.7, 1.7.0 - 1.7.6, 1.8.0 - 1.8.5, 1.9.0

Vault: 1.4.0 - 1.4.7, 1.5.0 - 1.5.9, 1.6.0 - 1.6.7, 1.7.0 - 1.7.6, 1.8.0 - 1.8.5, 1.9.0

External links
https://discuss.hashicorp.com/t/hcsec2-21-33-vault-s-kv-secrets-engine-with-integrated-storage-exposed-to-authenticated-denial-of-service/33157
https://www.hashicorp.com/blog/category/vault

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for HashiCorp Vault

Denial of service in HashiCorp Vault