HashiCorp Vault and Vault Enterprise TLS Certificate Authentication Vulnerability Allowing Impersonation

Vulnerability

A vulnerability exists in the TLS certificate authentication method of HashiCorp Vault and Vault Enterprise. When non-CA certificates are used as trusted certificates, the authentication method fails to properly validate client certificates. This flaw allows an attacker to create a malicious certificate that could impersonate another user. The issue affects Vault Community Edition versions prior to 1.20.1 and Vault Enterprise versions up to 1.20.0, 1.19.6, 1.18.11, 1.16.22, and 1.15.15.

Impact

Exploitation of this vulnerability could lead to unauthorized impersonation of users within the Vault system, allowing attackers to inherit the entity_id, policies, and group memberships of the impersonated users.

Remediation

Users are advised to upgrade to Vault Community Edition 1.20.1 or Vault Enterprise 1.20.1, 1.19.7, 1.18.12, or 1.16.23.
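As an added example (not HashiCorp's or Vault's own code), the Go program below audits cert auth roles for the configuration the advisory describes: trusted certificates that are not CA certificates. The role names and the certificates it checks are constructed locally so it runs offline; in a real audit the PEM would come from the cert auth mount's per-role read endpoint (auth/cert/certs/<name>), and the check complements, rather than replaces, the upgrade.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// AuditTrustedCerts takes cert-auth role names mapped to the PEM Vault returns
// under "certificate" for that role and reports the roles whose trusted certificate
// is not a CA (no basicConstraints CA:TRUE): the configuration the advisory flags.
func AuditTrustedCerts(roles map[string]string) ([]string, error) {
	var flagged []string
	for name, pemData := range roles {
		block, _ := pem.Decode([]byte(pemData))
		if block == nil {
			return nil, fmt.Errorf("role %q: no PEM block found", name)
		}
		cert, err := x509.ParseCertificate(block.Bytes)
		if err != nil {
			return nil, fmt.Errorf("role %q: %w", name, err)
		}
		if !cert.BasicConstraintsValid || !cert.IsCA {
			flagged = append(flagged, name)
		}
	}
	return flagged, nil
}

// selfSignedPEM builds a throwaway self-signed certificate (CA or leaf); it stands in for certificates fetched from Vault.
func selfSignedPEM(cn string, isCA bool) string {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), BasicConstraintsValid: true, IsCA: isCA,
		NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour),
	}
	tmpl.Subject.CommonName = cn
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	return string(pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}))
}

func main() { // constructed role names, not taken from a real mount
	roles := map[string]string{"ops-ca": selfSignedPEM("Example Ops CA", true), "alice-leaf": selfSignedPEM("alice", false)}
	flagged, _ := AuditTrustedCerts(roles)
	fmt.Println("non-CA trusted certificates:", flagged) // [alice-leaf]
}
```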

Added: Aug 1, 2025, 6:30 PM
Updated: Aug 1, 2025, 6:30 PM

Vulnerability Rating

Custom Algorithm
spread: 7.3
impact: 1.3
exploitability: 5.2
remediation: 7.7
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.