CNNVD-202508-080 Information
CNNVD ID
CNNVD-202508-080
Related CVE
- CNNVD Published: 2025-08-01
Description (Chinese)
HashiCorp Vault Enterprise和HashiCorp Vault Community Edition都是美国HashiCorp公司的产品。HashiCorp Vault Enterprise是一个企业信息归档平台。HashiCorp Vault Community Edition是一款密钥管理工具。 HashiCorp Vault Community Edition 1.20.1之前版本和HashiCorp Vault Enterprise 1.20.1、1.19.7、1.18.12和1.16.23之前版本存在安全漏洞,该漏洞源于时间侧信道,可能导致用户名枚举。
Description (English)
HashiCorpVault Enterprise and HashiCorpVault Community Equality are products of the United States company HashiCorp. HashiCorp Vault Enterprise is a corporate information archiving platform. HashiCorpVault Commission is a key management tool. There is a security loophole in HashiCorp Vault Commission 1.20.0.1 and HashiCorp Vault Enterprise 1.20.0.1, 1.19.7, 1.18.12 and 1.16.23, which originates from a time-side channel, which may lead to the listing of user names.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
HashiCorp
Published
2025-08-01
Last Modified
2026-02-24