CVE-2024-9180: Vault Operators in Root Namespace May Elevate Their Privileges
First published: Thu Oct 10 2024(Updated: )
A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s privileges to Vault’s root policy. Fixed in Vault Community Edition 1.18.0 and Vault Enterprise 1.18.0, 1.17.7, 1.16.11, and 1.15.16.
Credit: security@hashicorp.com security@hashicorp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| go/github.com/hashicorp/vault | <1.18.0 | 1.18.0 |
| HashiCorp Vault | >=1.7.7<=1.17.7 | |
| HashiCorp Vault | >=1.7.7<1.18.0 | |
| HashiCorp Vault | >=1.15.0<1.15.16 | |
| HashiCorp Vault | >=1.16.0<1.16.11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/weakness
- agent/title
- agent/type
- agent/first-publish-date
- agent/severity
- agent/event
- collector/nvd-cve
- source/NVD
- agent/author
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-rr8j-7w34-xp5j
- alias/CVE-2024-9180
- agent/software-canonical-lookup
- agent/references
- agent/softwarecombine
- agent/tags
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/description
- collector/nvd-api
- agent/last-modified-date
- collector/github-advisory
- package-manager/go
- vendor/hashicorp
- canonical/hashicorp vault
- version/hashicorp vault/1.7.7
- version/hashicorp vault/1.17.7
- version/hashicorp vault/1.15.0
- version/hashicorp vault/1.16.0