CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3024 – Gentoo Linux Security Advisory 202207-01
https://notcve.org/view.php?id=CVE-2021-3024
01 Feb 2021 — HashiCorp Vault and Vault Enterprise disclosed the internal IP address of the Vault node when responding to some invalid, unauthenticated HTTP requests. Fixed in 1.6.2 & 1.5.7. HashiCorp Vault y Vault Enterprise revelaron la dirección IP interna del nodo de Vault al responder a algunas peticiones HTTP no válidas y no autenticadas. Corregido en las versiones 1.6.2 y 1.5.7 Multiple vulnerabilities have been discovered in HashiCorp Vault, the worst of which could result in denial of service. Versions less... • https://discuss.hashicorp.com/t/hcsec-2021-02-vault-api-endpoint-exposed-internal-ip-address-without-authentication/20334 •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2020-25594 – Gentoo Linux Security Advisory 202207-01
https://notcve.org/view.php?id=CVE-2020-25594
01 Feb 2021 — HashiCorp Vault and Vault Enterprise allowed for enumeration of Secrets Engine mount paths via unauthenticated HTTP requests. Fixed in 1.6.2 & 1.5.7. HashiCorp Vault y Vault Enterprise permitieron la enumeración de rutas de montaje de Secrets Engine por medio de peticiones HTTP no autenticadas. Corregido en las versiones 1.6.2 y 1.5.7 Multiple vulnerabilities have been discovered in HashiCorp Vault, the worst of which could result in denial of service. Versions less than 1.10.3 are affected. • https://discuss.hashicorp.com/t/hcsec-2021-03-vault-api-endpoint-allowed-enumeration-of-secrets-engine-mount-paths-without-authentication/20336 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3282 – Gentoo Linux Security Advisory 202207-01
https://notcve.org/view.php?id=CVE-2021-3282
01 Feb 2021 — HashiCorp Vault Enterprise 1.6.0 & 1.6.1 allowed the `remove-peer` raft operator command to be executed against DR secondaries without authentication. Fixed in 1.6.2. HashiCorp Vault Enterprise versiones 1.6.0 y 1.6.1, permitieron que el comando del operador raft "remove-peer" sea ejecutado contra los secundarios de DR sin autenticación. Corregido en la versión 1.6.2 Multiple vulnerabilities have been discovered in HashiCorp Vault, the worst of which could result in denial of service. Versions less tha... • https://discuss.hashicorp.com/t/hcsec-2021-04-vault-enterprise-s-dr-secondaries-allowed-raft-peer-removal-without-authentication/20337 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3283
https://notcve.org/view.php?id=CVE-2021-3283
01 Feb 2021 — HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Fixed in 0.12.10, and 1.0.3. HashiCorp Nomad y Nomad Enterprise versiones hasta 0.12.9, exec y los controladores de tareas de Java pueden acceder a los procesos asociados con otras tareas en el mismo nodo. Corregido en las versiones 0.12.10 y 1.0.3 • https://discuss.hashicorp.com/t/hcsec-2021-01-nomad-s-exec-and-java-task-drivers-did-not-isolate-processes/20332 •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-8567 – Kubernetes Secrets Store CSI Driver plugin directory traversals
https://notcve.org/view.php?id=CVE-2020-8567
21 Jan 2021 — Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods. Kubernetes Secrets Store CSI Driver Vault Plugin anterior a versión v0.0.6, Azure Plugin anterior a versión v0.0.10 y GCP Plugin anterior a versión v0.2.0, permiten a un atacante que puede crear objetos SecretProvid... • https://github.com/kubernetes-sigs/secrets-store-csi-driver/issues/384 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-24: Path Traversal: '../filedir' •
CVSS: 8.6EPSS: 0%CPEs: 7EXPL: 0CVE-2021-3121 – gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
https://notcve.org/view.php?id=CVE-2021-3121
11 Jan 2021 — An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue. Se detectó un problema en GoGo Protobuf versiones anteriores a 1.3.2. El archivo plugin/unmarshal/unmarshal.go carece de determinada comprobación de índice, también se conoce como el problema "skippy peanut butter" A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects... • https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025 • CWE-129: Improper Validation of Array Index •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2020-35453
https://notcve.org/view.php?id=CVE-2020-35453
17 Dec 2020 — HashiCorp Vault Enterprise’s Sentinel EGP policy feature incorrectly allowed requests to be processed in parent and sibling namespaces. Fixed in 1.5.6 and 1.6.1. La funcionalidad de la política Sentinel EGP de HashiCorp Vault Enterprise, permitía incorrectamente peticiones a ser procesadas en los espacios de nombres de parent y sibling. Corregido en versiones 1.5.6 y 1.6.1 • https://discuss.hashicorp.com/t/hcsec-2020-24-vault-enterprise-s-sentinel-egp-policies-may-impact-parent-or-sibling-namespaces/18983 •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2020-35177
https://notcve.org/view.php?id=CVE-2020-35177
17 Dec 2020 — HashiCorp Vault and Vault Enterprise 1.4.1 and newer allowed the enumeration of users via the LDAP auth method. Fixed in 1.5.6 and 1.6.1. HashiCorp Vault y Vault Enterprise 1.4.1 y más recientes permitieron la enumeración de usuarios por medio del método de autenticación LDAP. Corregido en versiones 1.5.6 y 1.6.1 • https://discuss.hashicorp.com/t/hcsec-2020-25-vault-s-ldap-auth-method-allows-user-enumeration/18984 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0CVE-2020-35192
https://notcve.org/view.php?id=CVE-2020-35192
17 Dec 2020 — The official vault docker images before 0.11.6 contain a blank password for a root user. System using the vault docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. Las imágenes de docker de official vault versiones anteriores a 0.11.6, contienen una contraseña en blanco para un usuario root. El sistema que usa el contenedor de docker vault implementado por unas versiones afectadas de la imagen de docker puede permi... • https://github.com/koharin/koharin2/blob/main/CVE-2020-35192 • CWE-306: Missing Authentication for Critical Function •
CVSS: 10.0EPSS: 49%CPEs: 1EXPL: 0CVE-2020-29564
https://notcve.org/view.php?id=CVE-2020-29564
08 Dec 2020 — The official Consul Docker images 0.7.1 through 1.4.2 contain a blank password for a root user. System using the Consul Docker container deployed by affected versions of the Docker image may allow a remote attacker to achieve root access with a blank password. Las imágenes oficiales de Docker Consul versiones 0.7.1 hasta 1.4.2, contienen una contraseña en blanco para un usuario root. El sistema que utiliza el contenedor Consul Docker implementado por las versiones afectadas de la imagen de Docker puede... • https://github.com/koharin/koharin2/blob/main/CVE-2020-29564 •