CNNVD-202508-078 Information
CNNVD ID
CNNVD-202508-078
Related CVE
- CNNVD Published: 2025-08-01
Description (Chinese)
HashiCorp Vault Enterprise和HashiCorp Vault Community Edition都是美国HashiCorp公司的产品。HashiCorp Vault Enterprise是一个企业信息归档平台。HashiCorp Vault Community Edition是一款密钥管理工具。 HashiCorp Vault Community Edition 1.20.0之前版本和HashiCorp Vault Enterprise 1.20.0、1.19.6、1.18.11和1.16.22之前版本存在安全漏洞,该漏洞源于权限提升,可能导致令牌特权提升。
Description (English)
HashiCorpVault Enterprise and HashiCorpVault Community Equality are products of the United States company HashiCorp. HashiCorp Vault Enterprise is a corporate information archiving platform. HashiCorpVault Commission is a key management tool. Previous versions of HashiCorp Vault Commission 1.20.0 and previous versions of HashiCorp Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22 have security loopholes, which are the result of increased privileges, which may lead to an increase in token privileges.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
HashiCorp
Published
2025-08-01
Last Modified
2026-02-24