CVE-2025-6015 Information

Aug 02, 2025 cve

Description

Vault and Vault Enterprise’s (“Vault”) login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1 1.19.7 1.18.12 and 1.16.23.

Reference

https://discuss.hashicorp.com/t/hcsec-2025-19-vault-login-mfa-bypass-of-rate-limiting-and-totp-token-reuse/76038

CNNVD-202508-082 (Published: 2025-08-01)

Share on:

CVE-2025-6015 Information

Description

Reference

Related CNNVD