Vulnetix
Try Vulnetix Request Demo
CVE-2023-2121 PUBLISHED

Vault and Vault Enterprise's (Vault) key-value v2 (kv-v2) diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is fixed in Vault 1.14.0, 1.13.3, 1.12.7, and 1.11.11.

EPSS 0.47% · 64.4th percentile

Risk Scores

EPSS Score
0.47%
64.4th percentile

Affected Products

VendorProductVersions
Bitnamivault0, 1.12.0, 1.13.0
Bitnamivault0, 1.12.0, 1.13.0

Timeline

References

Open in Interactive Console →