VDB

CVE-2025-6004

CVE-2025-6004 PUBLISHED

Vault and Vault Enterprise’s (“Vault”) user lockout feature could be bypassed for Userpass and LDAP authentication methods. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.

EPSS 0.12% · 29.9th percentile

Risk Scores

EPSS Score
0.12%
29.9th percentile

Affected Products

VendorProductVersions
Bitnamivault1.13.0
Bitnamivault1.13.0

Timeline

  • Aug 1, 2025 CVE Published
  • Aug 1, 2025 Coalition ESS Score
  • Aug 2, 2025 EPSS Score
  • Aug 4, 2025 Coalition ESS Score
  • Aug 6, 2025 Coalition ESS Score
  • Aug 8, 2025 PoC Published
  • Aug 11, 2025 EPSS Score
  • Aug 12, 2025 Coalition ESS Score
  • Aug 13, 2025 Coalition ESS Score
  • Aug 19, 2025 EPSS Score
  • Aug 22, 2025 Coalition ESS Score
  • Aug 26, 2025 Coalition ESS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›