CNNVD-202510-3209 Information

CNNVD ID

CNNVD-202510-3209

Related CVE

CVE-2025-12044

• CNNVD Published: 2025-10-23

Description (Chinese)

HashiCorp Vault Enterprise是美国HashiCorp公司的一个企业信息归档平台。 HashiCorp Vault Enterprise存在安全漏洞，该漏洞源于在处理JSON有效载荷时未应用速率限制，可能导致拒绝服务攻击。

Description (English)

HashiCorpVault Enterprise is a corporate information archiving platform of the United States company HashiCorp. There is a security loophole in HashiCorp Vault Enterprise, which stems from the non-application of speed limits in the handling of JSON payloads, which may lead to denial of service attacks.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

HashiCorp

Published

2025-10-23

Last Modified

2026-02-24

References

https://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710 https://access.redhat.com/security/cve/cve-2025-12044

Patch

https://www.hashicorp.com/en/products/vault