← volver
CVE-2020-10660

CVE-2020-10660

EPSS 0.8%
HashiCorp Vault and Vault Enterprise versions 0.9.0 through 1.3.3 may, under certain circumstances, have an Entity's Group membership inadvertently include Groups the Entity no longer has permissions to. Fixed in 1.3.4.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#134-march-19th-2020https://www.hashicorp.com/blog/category/vault/