CVE-2023-4680

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-4680

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4680.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-4680

Aliases

Related

CGA-hhgm-mv22-ff57

Published

2023-09-15T00:15:07Z

Modified

2025-02-18T20:43:37Z

Severity

6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS Calculator

Summary

[none]

Details

HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.

References

https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249

Affected packages

Git / github.com/hashicorp/vault

Affected ranges

Type: GIT
Repo: https://github.com/hashicorp/vault
Events: Introduced

7ce0bd9691998e0443bc77e98b1e2a4ab1e965d4

Fixed

2036ba33e74b4548d7eacedd43d0d5c3a79e6cf6