OpenBao Privileged Operator Code Execution Vulnerability
Vulnerability
A critical vulnerability allows privileged OpenBao operators to execute arbitrary code on the underlying host and make unauthorized network connections. This issue affects OpenBao versions prior to 2.3.2. The vulnerability arises because the audit subsystem permits manipulation of log prefixes, which can be exploited to bypass restrictions on executing system code and accessing the network. This matters under threat models in which the OpenBao operator, despite having privileged API access, is not a system administrator and is not otherwise able to execute code on the host or make network connections from it.
Impact
Exploitation of this vulnerability could lead to unauthorized code execution on the host where OpenBao is running, potentially allowing an attacker to execute malicious actions with the same privileges as the OpenBao server process.
Remediation
Users can upgrade to OpenBao version 2.3.2, which addresses this vulnerability. Instructions for downloading this version are available on the OpenBao GitHub Releases page.
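A defender-side triage script, added here as an example and not part of the advisory or the OpenBao project: it combines the version check against 2.3.2 with a review of enabled audit devices. It assumes the audit listing has the shape of `bao audit list -format=json` (a map of mount path to type and options) and that a custom log prefix appears as a `prefix` option on the device; the sample data is constructed.

```python
import json
import re

# Constructed sample shaped like `bao audit list -format=json`; not captured from a real system.
SAMPLE_AUDIT_LIST = json.dumps({
    "file/": {"type": "file", "description": "", "path": "file/",
              "options": {"file_path": "/var/log/openbao_audit.log"}},
    "syslog/": {"type": "syslog", "description": "", "path": "syslog/",
                "options": {"tag": "openbao", "prefix": "AUDIT: "}},
})

FIXED_VERSION = (2, 3, 2)  # first release that addresses the issue, per the advisory


def parse_version(v):
    """Turn 'v2.3.1' or '2.3.1-beta' into a comparable tuple of ints."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", v)
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    return tuple(int(x) for x in m.groups())


def is_vulnerable_version(v):
    """True when the running build predates the fixed release."""
    return parse_version(v) < FIXED_VERSION


def devices_with_custom_prefix(audit_list_json):
    """Return mount paths of audit devices that set a non-empty 'prefix' option
    ('prefix' is assumed here to be the option carrying the log prefix)."""
    devices = json.loads(audit_list_json)
    return sorted(path for path, dev in devices.items()
                  if (dev.get("options") or {}).get("prefix"))


def triage(version, audit_list_json):
    """Combine the version check with the audit-device review into findings."""
    findings = []
    if is_vulnerable_version(version):
        findings.append(f"OpenBao {version} is below 2.3.2: upgrade")
        for path in devices_with_custom_prefix(audit_list_json):
            findings.append(f"audit device {path} sets a custom log prefix; "
                            "review who mounted it and when")
    return findings


if __name__ == "__main__":
    for line in triage("v2.3.1", SAMPLE_AUDIT_LIST):
        print(line)
```

On a patched version the script reports nothing, so its output is only a prompt to review audit-device changes made while the instance was still vulnerable.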
