CVE-2023-4680

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-4680

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4680.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-4680

Aliases

Related

CGA-hhgm-mv22-ff57

Withdrawn

2024-05-15T05:33:00.505433Z

Published

2023-09-15T00:15:07Z

Modified

2024-08-21T14:56:45.605099Z

Severity

6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS Calculator

Summary

[none]

Details

HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.

References

https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249

Affected packages

Git / github.com/hashicorp/vault

Affected ranges

Type: GIT
Repo: https://github.com/hashicorp/vault
Events: Introduced

a4cf0dc4437de35fce4860857b64569d092a9b5a

Fixed

895eb72029d83fcefb8a079e056e7024d8dc6020

Introduced

13a649f860186dffe3f3a4459814d87191efc321

Introduced

7ce0bd9691998e0443bc77e98b1e2a4ab1e965d4

Affected versions

v1.*

v1.13.0

v1.13.1

v1.13.2

v1.13.3

v1.13.4

v1.13.5

v1.13.6