HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.
History

Thu, 26 Sep 2024 17:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-323

Wed, 25 Sep 2024 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Hashicorp vault Enterprise
CPEs cpe:2.3:a:hashicorp:vault_enterprise:*:*:*:*:*:*:*:*
Vendors & Products Hashicorp vault Enterprise
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 27 Aug 2024 14:45:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

threat_severity

Moderate


cve-icon MITRE

Status: PUBLISHED

Assigner: HashiCorp

Published: 2023-09-14T23:06:24.546Z

Updated: 2024-09-26T17:38:48.629Z

Reserved: 2023-08-31T15:50:09.764Z

Link: CVE-2023-4680

cve-icon Vulnrichment

Updated: 2024-08-02T07:31:06.556Z

cve-icon NVD

Status : Modified

Published: 2023-09-15T00:15:07.967

Modified: 2024-11-21T08:35:40.467

Link: CVE-2023-4680

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-11-06T00:00:00Z

Links: CVE-2023-4680 - Bugzilla