CVE-2023-3775

CVSS V2 None CVSS V3 None
Description
A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potentially resulting in denial of service. Fixed in Vault Enterprise 1.15.0, 1.14.4, 1.13.8.
Overview
  • CVE ID
  • CVE-2023-3775
  • Assigner
  • HashiCorp
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-09-28T23:17:24.349Z
  • Last Modified Date
  • 2023-09-28T23:17:24.349Z
History
Created Old Value New Value Data Type Notes
2024-06-24 20:55:07 Added to TrackCVE