HashiCorp Vault and Vault Enterprise versions 0.9.0 through 1.3.3 may, under certain circumstances, have an Entity's Group membership inadvertently include Groups the Entity no longer has permissions to. Fixed in 1.3.4.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-03-23T12:55:42
Updated: 2024-08-04T11:06:10.655Z
Reserved: 2020-03-18T00:00:00
Link: CVE-2020-10660
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-03-23T13:15:13.127
Modified: 2024-11-21T04:55:47.377
Link: CVE-2020-10660
Redhat