HashiCorp Vault and Vault Enterprise 1.4.0 through 1.7.3 initialized an underlying database file associated with the Integrated Storage feature with excessively broad filesystem permissions. Fixed in Vault and Vault Enterprise 1.8.0.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-08-13T15:48:47

Updated: 2024-08-04T01:44:23.384Z

Reserved: 2021-08-11T00:00:00

Link: CVE-2021-38553

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-08-13T16:15:08.080

Modified: 2024-11-21T06:17:25.407

Link: CVE-2021-38553

cve-icon Redhat

Severity : Low

Publid Date: 2021-08-13T00:00:00Z

Links: CVE-2021-38553 - Bugzilla