CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5834 – Vagrant’s Windows Installer Allowed Directory Junction Write
https://notcve.org/view.php?id=CVE-2023-5834
HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0. El instalador HashiCorp Vagrant de Windows apuntó a una ubicación personalizada con una ruta no protegida que podía unirse, lo que introdujo la posibilidad de escrituras no autorizadas en el sistema de archivos. Corregido en Vagrant 2.4.0. • https://discuss.hashicorp.com/t/hcsec-2023-31-vagrant-s-windows-installer-allowed-directory-junction-write/59568 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-1386: Insecure Operation on Windows Junction / Mount Point •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2023-5077 – Vault's Google Cloud Secrets Engine Removed Existing IAM Conditions When Creating / Updating Rolesets
https://notcve.org/view.php?id=CVE-2023-5077
The Vault and Vault Enterprise ("Vault") Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Fixed in Vault 1.13.0. El engine de los secretos en Vault and Vault Enterprise ("Vault") Google Cloud no conservó la existencia de Google Cloud IAM Conditions al crear o actualizar conjuntos de roles. Corregido en Vault 1.13.0. A flaw was found in HashiCorp Vault and Vault Enterprise. • https://discuss.hashicorp.com/t/hcsec-2023-30-vault-s-google-cloud-secrets-engine-removed-existing-iam-conditions-when-creating-updating-rolesets/58654 https://access.redhat.com/security/cve/CVE-2023-5077 https://bugzilla.redhat.com/show_bug.cgi?id=2241980 • CWE-266: Incorrect Privilege Assignment CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-3775 – Vault Enterprise's Sentinel RGP Policies Allowed For Cross-Namespace Denial of Service
https://notcve.org/view.php?id=CVE-2023-3775
A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potentially resulting in denial of service. Fixed in Vault Enterprise 1.15.0, 1.14.4, 1.13.8. Vault Enterprise Sentinel Role Governing Policy creada por un operador para restringir el acceso a los recursos en un espacio de nombres se puede aplicar a solicitudes externas en otro espacio de nombres no descendiente, lo que podría provocar una denegación de servicio. Corregido en Vault Enterprise 1.15.0, 1.14.4, 1.13.8. A flaw was found in the Vault Enterprise. • https://discuss.hashicorp.com/t/hcsec-2023-29-vault-enterprise-s-sentinel-rgp-policies-allowed-for-cross-namespace-denial-of-service/58653 https://access.redhat.com/security/cve/CVE-2023-3775 https://bugzilla.redhat.com/show_bug.cgi?id=2241306 • CWE-20: Improper Input Validation CWE-266: Incorrect Privilege Assignment CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-4680 – Vault's Transit Secrets Engine Allowed Nonce Specified without Convergent Encryption
https://notcve.org/view.php?id=CVE-2023-4680
HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11. El motor de secretos de tránsito de HashiCorp Vault y Vault Enterprise permitió a los usuarios autorizados especificar nonces arbitrarios, incluso con el cifrado convergente deshabilitado. El endpoint de cifrado, en combinación con un ataque fuera de línea, podría usarse para descifrar texto cifrado arbitrario y potencialmente derivar la subclave de autenticación cuando se utiliza el motor de secretos de tránsito sin cifrado convergente. • https://discuss.hashicorp.com/t/hcsec-2023-28-vault-s-transit-secrets-engine-allowed-nonce-specified-without-convergent-encryption/58249 • CWE-20: Improper Input Validation CWE-323: Reusing a Nonce, Key Pair in Encryption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4782 – Terraform Allows Arbitrary File Write During Init Operation
https://notcve.org/view.php?id=CVE-2023-4782
Terraform version 1.0.8 through 1.5.6 allows arbitrary file write during the `init` operation if run on maliciously crafted Terraform configuration. This vulnerability is fixed in Terraform 1.5.7. Las versiones desde 1.0.8 hasta 1.5.6 de Terraform permiten la escritura arbitraria de archivos durante la operación 'init' si se ejecuta en una configuración de Terraform manipulda con fines malintencionados. Esta vulnerabilidad se corrigió en Terraform 1.5.7. • https://discuss.hashicorp.com/t/hcsec-2023-27-terraform-allows-arbitrary-file-write-during-init-operation/58082 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •