Security Advisory

CVE-2021-45042

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-17 13:38:51
Last updated 2024-08-04 04:32:13
Assigner mitre
State PUBLISHED

Description

In HashiCorp Vault and Vault Enterprise before 1.7.7, 1.8.x before 1.8.6, and 1.9.x before 1.9.1, clusters using the Integrated Storage backend allowed an authenticated user (with write permissions to a kv secrets engine) to cause a panic and denial of service of the storage backend. The earliest affected version is 1.4.0.