HashiCorp Vault Enterprise 1.6.0 & 1.6.1 allowed the `remove-peer` raft operator command to be executed against DR secondaries without authentication. Fixed in 1.6.2.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-02-01T15:38:48
Updated: 2024-08-03T16:53:16.031Z
Reserved: 2021-01-22T00:00:00
Link: CVE-2021-3282
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-02-01T16:15:13.280
Modified: 2024-11-21T06:21:12.870
Link: CVE-2021-3282
Redhat