Vulnerability-Lookup

CVE-2023-4680 (GCVE-0-2023-4680)

Vulnerability from cvelistv5 – Published: 2023-09-14 23:06 – Updated: 2024-09-26 17:38

Title

Vault's Transit Secrets Engine Allowed Nonce Specified without Convergent Encryption

Summary

HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.

Severity ?

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-323 - Reusing a Nonce, Key Pair in Encryption

Assigner

HashiCorp

References

URL

Tags

https://discuss.hashicorp.com/t/hcsec-2023-28-vau…

Impacted products

Vendor

Product

Version

HashiCorp

Vault

Affected: 1.14.0 , < 1.14.3 (semver)
Affected: 1.13.0 , < 1.13.7 (semver)
Affected: 1.12.0 , < 1.12.11 (semver)
Affected: 1.6.0 , < 1.12.0 (semver)

HashiCorp

Vault Enterprise

Affected: 1.14.0 , < 1.14.3 (semver)
Affected: 1.13.0 , < 1.13.7 (semver)
Affected: 1.12.0 , < 1.12.11 (semver)
Affected: 1.6.0 , < 1.12.0 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:31:06.556Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "vault",
            "vendor": "hashicorp",
            "versions": [
              {
                "lessThan": "1.14.3",
                "status": "affected",
                "version": "1.14.0",
                "versionType": "custom"
              },
              {
                "lessThan": "1.13.7",
                "status": "affected",
                "version": "1.13.0",
                "versionType": "custom"
              },
              {
                "lessThan": "1.12.11",
                "status": "affected",
                "version": "1.12.0",
                "versionType": "custom"
              },
              {
                "lessThan": "1.12.0",
                "status": "affected",
                "version": "1.6.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hashicorp:vault_enterprise:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "vault_enterprise",
            "vendor": "hashicorp",
            "versions": [
              {
                "lessThan": "1.14.3",
                "status": "affected",
                "version": "1.14.0",
                "versionType": "custom"
              },
              {
                "lessThan": "1.13.7",
                "status": "affected",
                "version": "1.13.0",
                "versionType": "custom"
              },
              {
                "lessThan": "1.12.11",
                "status": "affected",
                "version": "1.12.0",
                "versionType": "custom"
              },
              {
                "lessThan": "1.12.0",
                "status": "affected",
                "version": "1.6.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-4680",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-25T19:52:32.242060Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-25T19:58:36.730Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Vault",
          "repo": "https://github.com/hashicorp/vault",
          "vendor": "HashiCorp",
          "versions": [
            {
              "lessThan": "1.14.3",
              "status": "affected",
              "version": "1.14.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.13.7",
              "status": "affected",
              "version": "1.13.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.12.11",
              "status": "affected",
              "version": "1.12.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.12.0",
              "status": "affected",
              "version": "1.6.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Vault Enterprise",
          "repo": "https://github.com/hashicorp/vault",
          "vendor": "HashiCorp",
          "versions": [
            {
              "lessThan": "1.14.3",
              "status": "affected",
              "version": "1.14.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.13.7",
              "status": "affected",
              "version": "1.13.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.12.11",
              "status": "affected",
              "version": "1.12.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.12.0",
              "status": "affected",
              "version": "1.6.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eHashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.\u003c/p\u003e\u003cbr/\u003e"
            }
          ],
          "value": "HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-220",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-220: Cryptanalysis"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-323",
              "description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-26T17:38:48.629Z",
        "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
        "shortName": "HashiCorp"
      },
      "references": [
        {
          "url": "https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249"
        }
      ],
      "source": {
        "advisory": "HCSEC-2023-28",
        "discovery": "EXTERNAL"
      },
      "title": "Vault\u0027s Transit Secrets Engine Allowed Nonce Specified without Convergent Encryption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
    "assignerShortName": "HashiCorp",
    "cveId": "CVE-2023-4680",
    "datePublished": "2023-09-14T23:06:24.546Z",
    "dateReserved": "2023-08-31T15:50:09.764Z",
    "dateUpdated": "2024-09-26T17:38:48.629Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T07:31:06.556Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-4680\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-25T19:52:32.242060Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*\"], \"vendor\": \"hashicorp\", \"product\": \"vault\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.14.0\", \"lessThan\": \"1.14.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.13.0\", \"lessThan\": \"1.13.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.12.0\", \"lessThan\": \"1.12.11\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.6.0\", \"lessThan\": \"1.12.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:hashicorp:vault_enterprise:*:*:*:*:*:*:*:*\"], \"vendor\": \"hashicorp\", \"product\": \"vault_enterprise\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.14.0\", \"lessThan\": \"1.14.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.13.0\", \"lessThan\": \"1.13.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.12.0\", \"lessThan\": \"1.12.11\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.6.0\", \"lessThan\": \"1.12.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-25T19:58:23.754Z\"}}], \"cna\": {\"title\": \"Vault\u0027s Transit Secrets Engine Allowed Nonce Specified without Convergent Encryption\", \"source\": {\"advisory\": \"HCSEC-2024-28\", \"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-220\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-220: Cryptanalysis\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 6.8, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/hashicorp/vault\", \"vendor\": \"HashiCorp\", \"product\": \"Vault\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.14.0\", \"lessThan\": \"1.14.3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.13.0\", \"lessThan\": \"1.13.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.12.0\", \"lessThan\": \"1.12.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.6.0\", \"lessThan\": \"1.12.0\", \"versionType\": \"semver\"}], \"platforms\": [\"64 bit\", \"32 bit\", \"x86\", \"ARM\", \"MacOS\", \"Windows\", \"Linux\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://github.com/hashicorp/vault\", \"vendor\": \"HashiCorp\", \"product\": \"Vault Enterprise\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.14.0\", \"lessThan\": \"1.14.3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.13.0\", \"lessThan\": \"1.13.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.12.0\", \"lessThan\": \"1.12.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.6.0\", \"lessThan\": \"1.12.0\", \"versionType\": \"semver\"}], \"platforms\": [\"64 bit\", \"32 bit\", \"x86\", \"ARM\", \"MacOS\", \"Windows\", \"Linux\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eHashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.\u003c/p\u003e\u003cbr/\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-323\", \"description\": \"CWE-323: Reusing a Nonce, Key Pair in Encryption\"}]}], \"providerMetadata\": {\"orgId\": \"67fedba0-ff2e-4543-ba5b-aa93e87718cc\", \"shortName\": \"HashiCorp\", \"dateUpdated\": \"2024-09-26T16:53:53.489Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-4680\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-26T16:53:53.489Z\", \"dateReserved\": \"2023-08-31T15:50:09.764Z\", \"assignerOrgId\": \"67fedba0-ff2e-4543-ba5b-aa93e87718cc\", \"datePublished\": \"2023-09-14T23:06:24.546Z\", \"assignerShortName\": \"HashiCorp\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-V84F-6R39-CPFC

Vulnerability from github – Published: 2023-09-15 00:30 – Updated: 2023-09-15 19:03

Summary

HashiCorp Vault Improper Input Validation vulnerability

Details

Severity ?

6.8 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/hashicorp/vault"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.6.0"
            },
            {
              "fixed": "1.12.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/hashicorp/vault"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.13.0"
            },
            {
              "fixed": "1.13.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/hashicorp/vault"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.14.0"
            },
            {
              "fixed": "1.14.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-4680"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-323"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-09-15T19:03:05Z",
    "nvd_published_at": "2023-09-15T00:15:07Z",
    "severity": "MODERATE"
  },
  "details": "HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.",
  "id": "GHSA-v84f-6r39-cpfc",
  "modified": "2023-09-15T19:03:05Z",
  "published": "2023-09-15T00:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4680"
    },
    {
      "type": "WEB",
      "url": "https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/hashicorp/vault"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "HashiCorp Vault Improper Input Validation vulnerability"
}

GSD-2023-4680

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-4680

Aliases

CVE-2023-4680

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-4680",
    "id": "GSD-2023-4680"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-4680"
      ],
      "details": "HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.",
      "id": "GSD-2023-4680",
      "modified": "2023-12-13T01:20:27.314475Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@hashicorp.com",
        "ID": "CVE-2023-4680",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Vault",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "1.14.0",
                          "version_value": "1.14.3"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "1.13.0",
                          "version_value": "1.13.7"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "1.12.0",
                          "version_value": "1.12.11"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "1.6.0",
                          "version_value": "1.12.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Vault Enterprise",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "1.14.0",
                          "version_value": "1.14.3"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "1.13.0",
                          "version_value": "1.13.7"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "1.12.0",
                          "version_value": "1.12.11"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "1.6.0",
                          "version_value": "1.12.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "HashiCorp"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-20",
                "lang": "eng",
                "value": "CWE-20: Improper Input Validation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249",
            "refsource": "MISC",
            "url": "https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249"
          }
        ]
      },
      "source": {
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.13.7",
                "versionStartIncluding": "1.13.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.14.3",
                "versionStartIncluding": "1.14.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.12.11",
                "versionStartIncluding": "1.6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.12.11",
                "versionStartIncluding": "1.6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.13.7",
                "versionStartIncluding": "1.13.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.14.3",
                "versionStartIncluding": "1.14.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@hashicorp.com",
          "ID": "CVE-2023-4680"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 1.6,
          "impactScore": 5.2
        }
      },
      "lastModifiedDate": "2023-09-20T14:55Z",
      "publishedDate": "2023-09-15T00:15Z"
    }
  }
}

bit-vault-2023-4680

Vulnerability from bitnami_vulndb

Published

2024-03-06 11:08

Modified

2025-05-20 10:02

Summary

Vault's Transit Secrets Engine Allowed Nonce Specified without Convergent Encryption

Details

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Bitnami",
        "name": "vault",
        "purl": "pkg:bitnami/vault"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.6.0"
            },
            {
              "fixed": "1.12.11"
            },
            {
              "introduced": "1.13.0"
            },
            {
              "fixed": "1.13.7"
            },
            {
              "introduced": "1.14.0"
            },
            {
              "fixed": "1.14.3"
            }
          ],
          "type": "SEMVER"
        }
      ],
      "severity": [
        {
          "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "type": "CVSS_V3"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-4680"
  ],
  "database_specific": {
    "cpes": [
      "cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*",
      "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*"
    ],
    "severity": "Medium"
  },
  "details": "HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.",
  "id": "BIT-vault-2023-4680",
  "modified": "2025-05-20T10:02:07.006Z",
  "published": "2024-03-06T11:08:32.778Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4680"
    }
  ],
  "schema_version": "1.5.0",
  "summary": "Vault\u0027s Transit Secrets Engine Allowed Nonce Specified without Convergent Encryption"
}

FKIE_CVE-2023-4680

Vulnerability from fkie_nvd - Published: 2023-09-15 00:15 - Updated: 2024-11-21 08:35

Severity ?

6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Summary

References

	URL	Tags
	security@hashicorp.com	https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249	Vendor Advisory

Impacted products

Vendor	Product	Version
hashicorp	vault	*
hashicorp	vault	*
hashicorp	vault	*
hashicorp	vault	*
hashicorp	vault	*
hashicorp	vault	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88214AA6-BE16-44D0-8BF3-961AA4F4912C",
              "versionEndExcluding": "1.12.11",
              "versionStartIncluding": "1.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "308AEF45-E549-4EA3-8028-3A95978BF44C",
              "versionEndExcluding": "1.12.11",
              "versionStartIncluding": "1.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1190B84C-4AE0-4353-A7B3-64B646E4BCA5",
              "versionEndExcluding": "1.13.7",
              "versionStartIncluding": "1.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "148E1E7C-5DB9-4261-BF3B-A54C8B5F43EA",
              "versionEndExcluding": "1.13.7",
              "versionStartIncluding": "1.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "931AAAF6-4AB0-46EB-A03F-FF98A22867C2",
              "versionEndExcluding": "1.14.3",
              "versionStartIncluding": "1.14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "778CBB0C-2739-4733-871A-9B053843FADC",
              "versionEndExcluding": "1.14.3",
              "versionStartIncluding": "1.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11."
    },
    {
      "lang": "es",
      "value": "El motor de secretos de tr\u00e1nsito de HashiCorp Vault y Vault Enterprise permiti\u00f3 a los usuarios autorizados especificar nonces arbitrarios, incluso con el cifrado convergente deshabilitado. El endpoint de cifrado, en combinaci\u00f3n con un ataque fuera de l\u00ednea, podr\u00eda usarse para descifrar texto cifrado arbitrario y potencialmente derivar la subclave de autenticaci\u00f3n cuando se utiliza el motor de secretos de tr\u00e1nsito sin cifrado convergente. Introducido en 1.6.0 y corregido en 1.14.3, 1.13.7 y 1.12.11."
    }
  ],
  "id": "CVE-2023-4680",
  "lastModified": "2024-11-21T08:35:40.467",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.2,
        "source": "security@hashicorp.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-09-15T00:15:07.967",
  "references": [
    {
      "source": "security@hashicorp.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249"
    }
  ],
  "sourceIdentifier": "security@hashicorp.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-323"
        }
      ],
      "source": "security@hashicorp.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2023-4680

Vulnerability from fstec - Published: 14.09.2023

Title

Уязвимость платформ для архивирования корпоративной информации HashiCorp Vault и Vault Enterprise, связанная с неправильной проверкой входных данных, позволяющая нарушителю задавать произвольные случайные значения (нонсы) при отключённой конвергентной криптографии

Description

Уязвимость платформ для архивирования корпоративной информации HashiCorp Vault и Vault Enterprise связана с неправильной проверкой входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, задавать произвольные случайные значения (нонсы) при отключённой конвергентной криптографии

Severity ?


                    
                      AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Vendor

ООО «Ред Софт», HashiCorp

Software Name

РЕД ОС (запись в едином реестре российских программ №3751), Vault, Vault Enterprise

Software Version

7.3 (РЕД ОС), от 1.6.0 до 1.12.11 (Vault), от 1.6.0 до 1.12.11 (Vault Enterprise), от 1.13.0 до 1.13.7 (Vault Enterprise), от 1.13.0 до 1.13.7 (Vault), от 1.14.0 до 1.14.3 (Vault), от 1.14.0 до 1.14.3 (Vault Enterprise)

Possible Mitigations

Использование рекомендаций производителя: Для HashiCorp Vault и Vault Enterprise: https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249 Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/

Reference

https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249 https://redos.red-soft.ru/support/secure/

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:H/Au:S/C:C/I:C/A:N",
  "CVSS 3.0": "AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, HashiCorp",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), \u043e\u0442 1.6.0 \u0434\u043e 1.12.11 (Vault), \u043e\u0442 1.6.0 \u0434\u043e 1.12.11 (Vault Enterprise), \u043e\u0442 1.13.0 \u0434\u043e 1.13.7 (Vault Enterprise), \u043e\u0442 1.13.0 \u0434\u043e 1.13.7 (Vault), \u043e\u0442 1.14.0 \u0434\u043e 1.14.3 (Vault), \u043e\u0442 1.14.0 \u0434\u043e 1.14.3 (Vault Enterprise)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\n\u0414\u043b\u044f HashiCorp Vault \u0438 Vault Enterprise:\nhttps://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.09.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "29.10.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "29.10.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-08718",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-4680",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Vault, Vault Enterprise",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 HashiCorp Vault \u0438 Vault Enterprise, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0437\u0430\u0434\u0430\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f (\u043d\u043e\u043d\u0441\u044b) \u043f\u0440\u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0451\u043d\u043d\u043e\u0439 \u043a\u043e\u043d\u0432\u0435\u0440\u0433\u0435\u043d\u0442\u043d\u043e\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 HashiCorp Vault \u0438 Vault Enterprise \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0437\u0430\u0434\u0430\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f (\u043d\u043e\u043d\u0441\u044b) \u043f\u0440\u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0451\u043d\u043d\u043e\u0439 \u043a\u043e\u043d\u0432\u0435\u0440\u0433\u0435\u043d\u0442\u043d\u043e\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249\nhttps://redos.red-soft.ru/support/secure/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-4680 (GCVE-0-2023-4680)

GHSA-V84F-6R39-CPFC

GSD-2023-4680

bit-vault-2023-4680

Vulnerability from bitnami_vulndb

FKIE_CVE-2023-4680

CVE-2023-4680

Tags

Sightings

Nomenclature