CVE-2024-2877 – Vault Enterprise Leaks Sensitive HTTP Request Headers in the Audit Log When Deployed With a Performance Standby Node
https://notcve.org/view.php?id=CVE-2024-2877
Vault Enterprise, when configured with performance standby nodes and a configured audit device, will inadvertently log request headers on the standby node. These logs may have included sensitive HTTP request information in cleartext. This vulnerability, CVE-2024-2877, was fixed in Vault Enterprise 1.15.8. Vault Enterprise, cuando se configura con nodos en espera de rendimiento y un dispositivo de auditoría configurado, registrará inadvertidamente encabezados de solicitud en el nodo en espera. Es posible que estos registros hayan incluido información confidencial de solicitudes HTTP en texto plano. Esta vulnerabilidad, CVE-2024-2877, se solucionó en Vault Enterprise 1.15.8. • https://discuss.hashicorp.com/t/hsec-2024-10-vault-enterprise-leaks-sensitive-http-request-headers-in-audit-log-when-deployed-with-a-performance-standby-node https://security.netapp.com/advisory/ntap-20240614-0002 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2024-3817 – HashiCorp go-getter Vulnerable to Argument Injection When Fetching Remote Default Git Branches
https://notcve.org/view.php?id=CVE-2024-3817
HashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. This vulnerability does not affect the go-getter/v2 branch and package. La librería de HashiCorp es vulnerable a la inyección de argumentos al ejecutar Git para descubrir ramas remotas. Esta vulnerabilidad no afecta a la rama ni al paquete go-getter/v2. • https://discuss.hashicorp.com/t/hcsec-2024-09-hashicorp-go-getter-vulnerable-to-argument-injection-when-fetching-remote-default-git-branches/66040 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVE-2024-2660 – Vault TLS Cert Auth Method Did Not Correctly Validate OCSP Responses
https://notcve.org/view.php?id=CVE-2024-2660
Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. Fixed in Vault 1.16.0 and Vault Enterprise 1.16.1, 1.15.7, and 1.14.11. El método de autenticación de los certificados TLS de Vault y Vault Enterprise no validaba correctamente las respuestas de OCSP cuando se configuraban uno o más orígenes de OCSP. Se corrigió en Vault 1.16.0 y Vault Enterprise 1.16.1, 1.15.7 y 1.14.11. Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. • https://discuss.hashicorp.com/t/hcsec-2024-07-vault-tls-cert-auth-method-did-not-correctly-validate-ocsp-responses/64573 https://security.netapp.com/advisory/ntap-20240524-0007 • CWE-636: Not Failing Securely ('Failing Open') CWE-703: Improper Check or Handling of Exceptional Conditions •
CVE-2024-2048 – Vault Cert Auth Method Did Not Correctly Validate Non-CA Certificates
https://notcve.org/view.php?id=CVE-2024-2048
Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate. In this configuration, an attacker may be able to craft a malicious certificate that could be used to bypass authentication. Fixed in Vault 1.15.5 and 1.14.10. El método de autenticación de certificados TLS de Vault y Vault Enterprise (“Vault”) no validaba correctamente los certificados de cliente cuando se configuraba con un certificado que no era CA como certificado confiable. En esta configuración, un atacante puede crear un certificado malicioso que podría usarse para eludir la autenticación. • https://discuss.hashicorp.com/t/hcsec-2024-05-vault-cert-auth-method-did-not-correctly-validate-non-ca-certificates/63382 https://security.netapp.com/advisory/ntap-20240524-0009 • CWE-295: Improper Certificate Validation •
CVE-2024-1329 – Nomad Vulnerable to Arbitrary Write Through Symlink Attack
https://notcve.org/view.php?id=CVE-2024-1329
HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink attacks. Fixed in Nomad 1.7.4, 1.6.7, 1.5.14. HashiCorp Nomad y Nomad Enterprise 1.5.13 hasta 1.6.6 y 1.7.3 el renderizador de plantillas es vulnerable a la escritura de archivos arbitrarios en el host como usuario del cliente Nomad a través de ataques de enlaces simbólicos. Corregido en Nomad 1.7.4, 1.6.7, 1.5.14. HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink attacks. • https://discuss.hashicorp.com/t/hcsec-2024-03-nomad-vulnerable-to-arbitrary-write-through-symlink-attack • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-610: Externally Controlled Reference to a Resource in Another Sphere •