BIT-vault-2023-3774

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/vault/BIT-vault-2023-3774.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-vault-2023-3774

Aliases

CVE-2023-3774

Published

2024-03-06T11:08:50.391Z

Modified

2025-05-20T10:02:07.006Z

Summary

Vault Enterprise Namespace Creation May Lead to Denial of Service

Details

An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9.

Database specific

{
    "severity": "Medium",
    "cpes": [
        "cpe:2.3:a:hashicorp:vault:1.12.8:*:*:*:enterprise:*:*:*",
        "cpe:2.3:a:hashicorp:vault:1.13.4:*:*:*:enterprise:*:*:*",
        "cpe:2.3:a:hashicorp:vault:1.14.0:*:*:*:enterprise:*:*:*",
        "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*"
    ]
}

References

Affected packages

Bitnami / vault

Package

Name: vault
Purl: pkg:bitnami/vault

Severity

4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

1.12.8

Fixed

1.12.9

Introduced

1.13.4

Fixed

1.13.5

Introduced

1.14.0

Fixed

1.14.1