Security Advisory

CVE-2024-2877

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-30 14:58:09

Last updated 2025-02-13 17:47:31

Assigner HashiCorp

State PUBLISHED

Description

Vault Enterprise, when configured with performance standby nodes and a configured audit device, will inadvertently log request headers on the standby node. These logs may have included sensitive HTTP request information in cleartext. This vulnerability, CVE-2024-2877, was fixed in Vault Enterprise 1.15.8.

← Browse all CVEs View on cve.org ↗