CVE-2023-4680

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-4680

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4680.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-4680

Aliases

Related

CGA-xw48-ghhj-4wcc

Published

2023-09-15T00:15:07.967Z

Modified

2026-02-13T02:38:54.897562Z

Severity

6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS Calculator

Summary

[none]

Details

HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.

References

https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249

Affected packages

Git / github.com/hashicorp/vault

Affected ranges

Type: GIT
Repo: https://github.com/hashicorp/vault
Events: Introduced

13a649f860186dffe3f3a4459814d87191efc321

Fixed

56debfa71653e72433345f23cd26276bc90629ce

Introduced

7ce0bd9691998e0443bc77e98b1e2a4ab1e965d4

Fixed

2036ba33e74b4548d7eacedd43d0d5c3a79e6cf6

Introduced

a4cf0dc4437de35fce4860857b64569d092a9b5a

Fixed

895eb72029d83fcefb8a079e056e7024d8dc6020

Affected versions

v1.*

v1.13.0

v1.13.1

v1.13.2

v1.13.3

v1.13.4

v1.13.5

v1.13.6

v1.14.0

v1.14.1

v1.14.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4680.json"