CVE-2023-5954: Vault Requests Triggering Policy Checks May Lead To Unbounded Memory Consumption
First published: Thu Nov 09 2023(Updated: )
HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. A large number of these requests may lead to denial-of-service. Fixed in Vault 1.15.2, 1.14.6, and 1.13.10.
Credit: security@hashicorp.com security@hashicorp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| go/github.com/hashicorp/vault | >=1.15.0<1.15.2 | 1.15.2 |
| go/github.com/hashicorp/vault | >=1.14.0<1.14.6 | 1.14.6 |
| go/github.com/hashicorp/vault | <1.13.10 | 1.13.10 |
| HashiCorp Vault | >=1.13.7<1.13.10 | |
| HashiCorp Vault | >=1.13.7<1.13.10 | |
| HashiCorp Vault | >=1.14.3<1.14.6 | |
| HashiCorp Vault | >=1.14.3<1.14.6 | |
| HashiCorp Vault | >=1.15.0<1.15.2 | |
| HashiCorp Vault | >=1.15.0<1.15.2 | |
| redhat/Vault | <1.15.2 | 1.15.2 |
| redhat/Vault | <1.14.6 | 1.14.6 |
| redhat/Vault | <1.13.10 | 1.13.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://nvd.nist.gov/vuln/detail/CVE-2023-5954
- https://discuss.hashicorp.com/t/hcsec-2023-33-vault-requests-triggering-policy-checks-may-lead-to-unbounded-memory-consumption/59926
- https://security.netapp.com/advisory/ntap-20231227-0001/
- https://github.com/advisories/GHSA-4qhc-v8r6-8vwm (Advisory)
- https://access.redhat.com/security/cve/CVE-2023-5954
- https://access.redhat.com/errata/RHSA-2024:3718
- https://bugzilla.redhat.com/show_bug.cgi?id=2249115
Frequently Asked Questions
What is CVE-2023-5954?
CVE-2023-5954 is a vulnerability in HashiCorp Vault and Vault Enterprise that allows inbound client requests triggering a policy check to consume an unbounded amount of memory, potentially leading to denial-of-service.
What is the severity of CVE-2023-5954?
CVE-2023-5954 has a severity rating of medium with a severity value of 5.9.
How can I fix CVE-2023-5954?
To fix CVE-2023-5954, update to Vault version 1.15.2, 1.14.6, or 1.13.10.
Where can I find more information about CVE-2023-5954?
More information about CVE-2023-5954 can be found at the following references: [HashiCorp Discuss](https://discuss.hashicorp.com/t/hcsec-2023-33-vault-requests-triggering-policy-checks-may-lead-to-unbounded-memory-consumption/59926), [NVD](https://nvd.nist.gov/vuln/detail/CVE-2023-5954), [GitHub Security Advisory](https://github.com/advisories/GHSA-4qhc-v8r6-8vwm).
What is the Common Weakness Enumeration (CWE) ID related to CVE-2023-5954?
The Common Weakness Enumeration (CWE) ID related to CVE-2023-5954 is CWE-401.
- collector/github-advisory-latest
- alias/GHSA-4qhc-v8r6-8vwm
- alias/CVE-2023-5954
- agent/author
- agent/type
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- collector/github-advisory
- source/GitHub
- agent/title
- agent/references
- agent/weakness
- agent/severity
- agent/softwarecombine
- agent/description
- collector/nvd-cve
- agent/event
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- collector/redhat-bugzilla
- source/Red Hat
- package-manager/go
- vendor/hashicorp
- canonical/hashicorp vault
- version/hashicorp vault/1.13.7
- version/hashicorp vault/1.14.3
- version/hashicorp vault/1.15.0
- package-manager/redhat