Headline
CVE-2021-38553: HCSEC-2021-20 - Vault’s Integrated Storage Backend Database File May Have Excessively Broad Permissions
HashiCorp Vault and Vault Enterprise 1.4.0 through 1.7.3 initialized an underlying database file associated with the Integrated Storage feature with excessively broad filesystem permissions. Fixed in Vault and Vault Enterprise 1.8.0.
Loading
Related news
Gentoo Linux Security Advisory 202207-01
Gentoo Linux Security Advisory 202207-1 - Multiple vulnerabilities have been discovered in HashiCorp Vault, the worst of which could result in denial of service. Versions less than 1.10.3 are affected.